It is one aspect of security. If you only grant users access to the views and stored procedures, they don't require access to the underlying tables. It is a means of layering security.

Also, by using views and stored procedures to provide access to the underlying tables, you hide the actual schema of your database. If future changes are required to add functionality, as long as the output from the views and stored procedures remains the same, the users never have to know that the schema changed.