REDUCED GRANTING OF PRIVILEGES - Rather than explicitly granting
the same set of privileges to many users a database administrator can
grant the privileges for a group of related users granted to a role and
then grant only the role to each member of the group.
DYNAMIC PRIVILEGE MANAGEMENT - When the privileges of a group
must change, only the privileges of the role need to be modified. The security domains of all users granted the group's role automatically
reflect the changes made to the role.
SELECTIVE AVAILABILITY OF PRIVILEGES - The roles granted to a user
can be selectively enable (available for use) or disabled (not available
for use). This allows specific control of a user's privileges in any given
situation.
APPLICATION AWARENESS - A database application can be designed to
automatically enable and disable selective roles when a user attempts
to use the application.