Embodiments described herein generally relate to creating an autonomous role-based security system for a database management system, wherein a super user may not always be required. A computer-implemented method is described. The method includes establishing one or more privileges in a database system, each privilege controlling access to an administrative function for the database system. Each privilege is assigned to one or more roles. Each role may always have a minimum set of users with only administrative rights over the role. A request is received from a first user to grant a role to a second user. A database management system determines whether the first user has administrative privileges over the role. If the first user has administrative privileges over the role, the role is granted to the second user. The database system may satisfy the principles of least privilege and separation of duties.