>So, if we follow this approach, who should be creating the schema as design time?
Not sure what you mean by that. We call this design time because you are creating an artifact in the repository and the catalog object doesn't get created until you activate that design time object.
> Security Administrator or Developer/Modeler?
Doesn't really matter. Depends upon your process. However I would say most of the time the developer creates the schema. The developer doesn't immediately get access to the new schema. He/She must create a role and that role has to be granted to them before they can see the objects in the new schema.
>Also, for our current scenario, where developers are doing changes in their own schema, what should be done as a Security Administrator to assign access to a user schema to other developers?
They shouldn't be creating objects in their user schema. That user schema is for internal usage - like the creation of temporary objects. It shouldn't be used for any development.