Security Functions of IBM DB2 10 for z/OS

An IBM Redbooks publication

thumbnail 

Published on 03 September 2011, updated 15 September 2011

  1. .EPUB (3.7 MB)
  2. .PDF (7.8 MB)

Apple BooksGoogle Play Books
Share this page:   

ISBN-10: 0738436038
ISBN-13: 9780738436036
IBM Form #: SG24-7959-00


Authors: Paolo Bruni, Marcelo Antonelli, Hyun Baek, Rick Butler and Ernie Mancill

    menu icon

    Abstract

    IBM® DB2® 9 and 10 for z/OS® have added functions in the areas of security, regulatory compliance, and audit capability that provide solutions for the most compelling requirements.

    DB2 10 enhances the DB2 9 role-based security with additional administrative and other finer-grained authorities and privileges. This authority granularity helps separate administration and data access that provide only the minimum appropriate authority.

    The authority profiles provide better separation of duties while limiting or eliminating blanket authority over all aspects of a table and its data. In addition, DB2 10 provides a set of criteria for auditing for the possible abuse and overlapping of authorities within a system.

    In DB2 10, improvements to security and regulatory compliance focus on data retention and protecting sensitive data from privileged users and administrators. Improvements also help to separate security administration from database administration.

    DB2 10 also lets administrators enable security on a particular column or particular row in the database complementing the privilege model.

    This IBM Redbooks® publication provides a detailed description of DB2 10 security functions from the implementation and usage point of view. It is intended to be used by database, audit, and security administrators.

    Table of Contents

    Part 1. Security for DB2 for z/OS

    Chapter 1. Security regulations

    Chapter 2. Introduction to security for DB2 for z/OS

    Part 2. DB2 capabilities

    Chapter 3. Administrative authorities and security-related objects

    Chapter 4. Roles and trusted contexts

    Chapter 5. Data access control

    Chapter 6. Cryptography for DB2 data

    Chapter 7. User authentication

    Chapter 8. Audit policies

    Chapter 9. RACF and DB2

    Part 3. Implementation scenarios

    Chapter 10. Implementing data access control

    Chapter 11. Remote client applications access

    Chapter 12. Database monitoring and the audit application

    Chapter 13. DB2 temporal support

    Part 4. Security tools

    Chapter 14. Security tools for discovery and control

    Chapter 15. Auditing and InfoSphere Guardium

    Appendix A. Spiffy Computer Company security setup

    Appendix B. Introduction to cryptography

     

    Others who read this also read