REDUCED  GRANTING  OF PRIVILEGES - Rather than explicitly granting the same set  of  privileges  to  many users a database administrator  can grant the privileges  for  a  group of related users granted to a role and then grant only the role to each member of the group. DYNAMIC PRIVILEGE MANAGEMENT  - When the privileges of a group must change, only  the  privileges of the role need to be modified. The security domains of  all  users  granted  the group's role automatically reflect the changes made to the role. SELECTIVE  AVAILABILITY  OF PRIVILEGES - The roles granted to a user can be selectively  enable  (available  for  use)  or disabled  (not available for use).  This  allows  specific  control  of a user's privileges in any given situation. APPLICATION   AWARENESS  -  A  database  application  can  be  designed  to automatically  enable  and  disable selective roles when a user attempts to use the application. How to prevent unauthorized use of privileges granted to a Role ?