Session permissions

Why wouldn’t you store the data in a databse? Why do you need a backend cache?