Specifies whether or not a module must be executed by a user
    whose authorization identifier matches the module authorization
    identifier.

    If you specify RESTRICT, SQL bases privilege checking on the
    default authorization identifier. The default authorization
    identifier is the authorization identifier of the user who
    compiles a module unless you specify a different authorization
    identifier using an AUTHORIZATION clause in the module. The
    RESTRICT option causes SQL to compare the user name of the
    person who executes a module with the default authorization
    identifier and prevent any user other than one with the
    correct authorization identifier from invoking that module. All
    applications that use multischema will be the invoker by default.

    If you specify INVOKER, SQL bases the privilege on the
    authorization identifier of the user running the module.

    The default is INVOKER.

    Use the RIGHTS clause, rather than the ANSI_AUTHORIZATION
    qualifier, because the qualifier will be deprecated in a future
    release.