A privilege associates a resource with a permission. There are three possible permissions:
READ — View, but not change a resource. For example, viewing the data in a database, but not updating the database.
WRITE — View or change a resource. For example, viewing and updating the data in a database.
USE — Execute or employ the resource. For example, executing an application or using a Caché service.
The format for writing a privilege is resource:permission. So, we write the read privilege on the EmployeeInfo database like this
where %DB_EmployeeInfo is the resource associated with the EmployeeInfo database.