A database user (or role) is a user (or role) to which the system administrator can assign database privileges. An application user (or role) is a user (or role) created and recognized by an application and cannot be directly assigned database roles or privileges. In multi-tier environments, an authenticated application user must eventually be mapped to a database user or to a database role in order to access database objects. Read -Considerations for Using Application-Based Security- and discuss how a database user can be mapped to application user(s)/role(s). You can describe the consequences on the security of the whole system, its flexibility and performance (using connection pools).