Security Functions of IBM DB2 10 for z/OS

An IBM Redbooks publication

Published 02 September 2011, updated 14 September 2011

cover image

ISBN-10: 0738436038
ISBN-13: 9780738436036
IBM Form #: SG24-7959-00
(456 pages)

More options

Rate and comment

Authors: Paolo Bruni, Marcelo Antonelli, Hyun Baek, Rick Butler, Ernie Mancill


IBM® DB2® 9 and 10 for z/OS® have added functions in the areas of security, regulatory compliance, and audit capability that provide solutions for the most compelling requirements.

DB2 10 enhances the DB2 9 role-based security with additional administrative and other finer-grained authorities and privileges. This authority granularity helps separate administration and data access that provide only the minimum appropriate authority.

The authority profiles provide better separation of duties while limiting or eliminating blanket authority over all aspects of a table and its data. In addition, DB2 10 provides a set of criteria for auditing for the possible abuse and overlapping of authorities within a system.

In DB2 10, improvements to security and regulatory compliance focus on data retention and protecting sensitive data from privileged users and administrators. Improvements also help to separate security administration from database administration.

DB2 10 also lets administrators enable security on a particular column or particular row in the database complementing the privilege model.

This IBM Redbooks® publication provides a detailed description of DB2 10 security functions from the implementation and usage point of view. It is intended to be used by database, audit, and security administrators.

Table of contents

Part 1. Security for DB2 for z/OS
Chapter 1. Security regulations
Chapter 2. Introduction to security for DB2 for z/OS
Part 2. DB2 capabilities
Chapter 3. Administrative authorities and security-related objects
Chapter 4. Roles and trusted contexts
Chapter 5. Data access control
Chapter 6. Cryptography for DB2 data
Chapter 7. User authentication
Chapter 8. Audit policies
Chapter 9. RACF and DB2
Part 3. Implementation scenarios
Chapter 10. Implementing data access control
Chapter 11. Remote client applications access
Chapter 12. Database monitoring and the audit application
Chapter 13. DB2 temporal support
Part 4. Security tools
Chapter 14. Security tools for discovery and control
Chapter 15. Auditing and InfoSphere Guardium
Appendix A. Spiffy Computer Company security setup
Appendix B. Introduction to cryptography

Follow IBM Redbooks

Follow IBM Redbooks