A business application system accesses a corporate database using a single ID and password embedded in a program. Which of the following would provide efficient access control over the organization's data?
A、Introduce a secondary authentication method such as card swipe
B、Apply role-based permissions within the application system
C、Have users input the ID and password for each database transaction
D、Set an expiration period for the database password embedded in the program