Summary


This chapter discussed a number of topics relating to accessing data: security with the subsystem, with data sets, and within DB2. Subsystem security is handled in a number of ways, such as via IMS, CICS, Kerberos, and RACF. Securing access at the data set level also needs to be considered in some situations, as DB2 stores its data in individual data sets that can be accessed outside of DB2.

After discussing primary and secondary authorization IDs and how they are assigned, we talked about several of the authorization levels within DB2: SYSADM, SYSCNTL, DBADM, DBCNTL, PACKADM, and so on. We looked at the types of privileges each authority possesses.

Ownership of objects also comes with inherited authorities and privileges that can also be granted to other authorization IDs.

We examined the granting and revoking of database object privileges, using the GRANT and REVOKE SQL statements. Finally, we discussed the DB2 audit trace. This trace allows one to carefully monitor critical tables to see who is manipulating the data or, in some very sensitive cases, who is simply trying to access the data.

All of these levels of security can work together in order to keep data and subsystem safe.



DB2 for z. OS Version 8 DBA Certification Guide
DB2 for z/OS Version 8 DBA Certification Guide
ISBN: 0131491202
EAN: 2147483647
Year: 2003
Pages: 175
Authors: Susan Lawson

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net