A privilege associates a resource with a permission. There are three possible permissions:
READ — View, but not change a resource. For example, viewing, but not updating data.
WRITE — View or change a resource. For example, viewing and updating the data.
USE — Execute or employ the resource. For example, executing an application or using an InterSystems service.
The format for writing a privilege is resource:permission. So, we write the read privilege on the EmployeeInfo database like this
where %DB_EmployeeInfo is the resource associated with the EmployeeInfo database.