The SQL Server 2014 security model is the best place to start to understand SQL Server security. This model is based on three categories that separate the basic elements of security:
Principals—Principals are the entities that request security to SQL Server resources. They include Windows users, SQL Server users, and database users.
Securables—Securables are the SQL Server resources to which permissions can be granted.
Permissions—Permissions link principals with securables.
There are a limited number of principals ...