In this IBM Redbooks publication we discuss the existing and new DB2 security features introduced in DB2 9.5 for Linux, UNIX, and Windows. These enriched DB2 security features provide you with the capability to protect your data and comply with regulatory requirements.

We describe how you can control data access through DB2 authentication and authorization functions. The role feature provides new options for tighter security, more granularity, and flexibility in administrating data access. Data encryption offers the capability to protect sensitive data in the database, critical database files, and data transferred over the network.

Trusted contexts and trusted connections allow you to have more control over when a data access privilege becomes available to a user. Using label-based access control (LBAC), you can control read and write access of users to individual rows and columns at the table level. The enhanced audit facility generates, and allows you to maintain, an audit trail for a series of predefined database events for analysis and identifying system misuse.

At the end, we introduce other DB2 data security solutions including IBM Database Encryption Expert, DB2 Audit Management Expert, and IBM Optim Enterprise Data Management.

Chapter 1. DB2 security overview

Chapter 2. SYSADM, DBADM, SECADM, and OS authorities

Chapter 3. Roles

Chapter 4. Trusted contexts and connections

Chapter 5. Label-based access control

Chapter 6. Auditing

Chapter 7. Data encryption

Chapter 8. IBM security solutions

Appendix A. Sample applications and scripts

Appendix B. Additional material