This paper discusses the design and implementation of the SDM3 RBAC model. Meanwhile, it describes how the role-based access control coexists with the discretionary access control and the mandatory access control to guarantee the security of database systems.