SAP® Sybase® IQ provides a role-based security model for controlling access to database objects and executing privileged operations. This model provides complete control and granularity for the privileges you want to grant to users. Each privileged operation in a database requires one or more system or object-level privileges be assigned to the user to execute the operation.
A system privilege allows users to perform authorized database tasks. For example, assign the CREATE TABLE system privilege to a user to allow him or her to create self-owned tables.
An object-level privilege allows a user to perform an authorized task on a specified object. For example, assign ALTER object-level privilege on TableA to a user to allow him or her to alter that table, but no other tables.
A role is a container that may contain one or more system privileges, object-level privileges, and other roles. Granting a role to a user is equivalent to granting the user the underlying system and object-level privileges of the role.