Skip to main content
IBM Redbooks

Security Functions of IBM DB2 10 for z/OS

An IBM Redbooks publication

thumbnail 

Published on 03 September 2011, updated 15 September 2011

  1. .EPUB (3.7 MB)
  2. .PDF (7.8 MB)
Apple BooksGoogle Play BooksRead in Google Books Order hardcopy
Share this page:
 
 

ISBN-10: 0738436038
ISBN-13: 9780738436036
IBM Form #: SG24-7959-00

Authors: Paolo Bruni, Marcelo Antonelli, Hyun Baek, Rick Butler and Ernie Mancill

menu icon

Abstract

IBM® DB2® 9 and 10 for z/OS® have added functions in the areas of security, regulatory compliance, and audit capability that provide solutions for the most compelling requirements.

DB2 10 enhances the DB2 9 role-based security with additional administrative and other finer-grained authorities and privileges. This authority granularity helps separate administration and data access that provide only the minimum appropriate authority.

The authority profiles provide better separation of duties while limiting or eliminating blanket authority over all aspects of a table and its data. In addition, DB2 10 provides a set of criteria for auditing for the possible abuse and overlapping of authorities within a system.

In DB2 10, improvements to security and regulatory compliance focus on data retention and protecting sensitive data from privileged users and administrators. Improvements also help to separate security administration from database administration.

DB2 10 also lets administrators enable security on a particular column or particular row in the database complementing the privilege model.

This IBM Redbooks® publication provides a detailed description of DB2 10 security functions from the implementation and usage point of view. It is intended to be used by database, audit, and security administrators.

Table of Contents

Part 1. Security for DB2 for z/OS

Chapter 1. Security regulations

Chapter 2. Introduction to security for DB2 for z/OS

Part 2. DB2 capabilities

Chapter 3. Administrative authorities and security-related objects

Chapter 4. Roles and trusted contexts

Chapter 5. Data access control

Chapter 6. Cryptography for DB2 data

Chapter 7. User authentication

Chapter 8. Audit policies

Chapter 9. RACF and DB2

Part 3. Implementation scenarios

Chapter 10. Implementing data access control

Chapter 11. Remote client applications access

Chapter 12. Database monitoring and the audit application

Chapter 13. DB2 temporal support

Part 4. Security tools

Chapter 14. Security tools for discovery and control

Chapter 15. Auditing and InfoSphere Guardium

Appendix A. Spiffy Computer Company security setup

Appendix B. Introduction to cryptography

 

Others who read this also read