Controlling Database Access

Identity theft-a crime in which someone wrongfully obtains another person's personal data (such as a Social Security number, bank account number, and credit card number) and uses it in some way that involves fraud or deception for economic gain-is the fastest-growing crime in our nation today. Criminals are stealing information by overhearing conversations made on cell phones, from faxes and emails, by hacking into computers, from telephone and email scams, by stealing wallets and purses, by stealing discarded documents from trash bins, by stealing mail, and by taking advantage of careless online shopping and banking habits. But more frightening is the fact that studies show up to 70 percent of all identity theft cases are inside jobs-perpetrated by a co-worker or an employee of a business you patronize. In these cases, all that is needed is access to your personal data, which can often be found in a company database.

Every database management system must be able to protect data against unauthorized access and modification. DB2 uses a combination of external security services and internal access control mechanisms to perform this vital task. In most cases, three different levels of security are employed: The first level controls access to the instance a database was created under, the second controls access to the database itself, and the third controls access to the data and data objects that reside within the database.