If a user WANTS to give some privileges to another user or a group of users then they will create role and they give this role to the users.let the privileges be 'insert' and 'update' on 'emp' table then instead of SPECIFYING them by their names they will create role which inturn INCLUDES these methods. this role is further given to the users.

If in futher if he wants to remove some privilege given to the users, he can just alter the role and remove that particular privilege such as he can remove update from this created role..

Later the users cant do updations on that emp table.but still can insert the VALUES into that table.

HENCE Roles are the easiest way to grant and manage common privileges needed by different groups of database users.Creating roles and assign each role to group of users will simplify the job of assigning privileges to individual users.

If a user wants to give some privileges to another user or a group of users then they will create role and they give this role to the users.let the privileges be 'insert' and 'update' on 'emp' table then instead of specifying them by their names they will create role which inturn includes these methods. this role is further given to the users.

If in futher if he wants to remove some privilege given to the users, he can just alter the role and remove that particular privilege such as he can remove update from this created role..

Later the users cant do updations on that emp table.but still can insert the values into that table.

Hence Roles are the easiest way to grant and manage common privileges needed by different groups of database users.Creating roles and assign each role to group of users will simplify the job of assigning privileges to individual users.