Articles & Content

Archives

New Security Features in DB2 V9 for LUW (D13)

Topic: 2008 EU

Subtopic: DB2 for LUW



DATE: 2008-10-15 (17:30 - 18:30)
SPEAKERS: Holo Devnani (1681056 Ontario Inc)

Database can not be only compromised by external people but by also internal people who have access to databases. DB2 has currently security safeguards built in. These are done via GRANTing access to the user data (tables, views, etc). Some users like sysadmn have unrestricted access to user data and control over objects.IBM has made version 9 even more secure. They have introduced the concept of Label Base Access Control (LBAC). Even SYSADM has no access to the data. First a new privilege (authority) SECADM has been introduced. Only SECADM can create and delete and Grant the LBACís. SYSADMN can only GRANT authority SECADM and he canít GRANT SECADM to itself.Also db2audit function has been redone in version 9.5I will be presenting how to use LBAC concepts to make user data more secure. Besides this some other features have been introduced. I will be covering these features too. Presentation will go in depth how to use these features.

EXP. LEVEL: Beginner,Intermediate

OBJECTIVES:

Authority SECADM: Explain new authority SECADM introduced in DB2 UDB v 9 LUW. Who can give this authority and how it is used to protect data?

Security Objects: How to create/drop security objects: Order in which they must be created/dropped. Who can create these objects? Examples of DDL to create these objects.

Secure table: How to secure a table. A table can be secured by rows or columns or both. Example of DDL to achieve this. What GRANTs you must do before a table can be secured.

DML: What LBAC you must have to access data - Select, Insert, Update and Delete. New option that you must use to LOAD DATA.

Restrict Clause. Currently when a database is created, some GRANTS are given to PUBLIC by default. In V9 you can you can create database with RESTRICT clause and these GRANTS will be given, making data more secure.



This file is being provided by IDUG. We would encourage you to join IDUG to get full access to all of our files and resources. Joining IDUG is FREE and signing up is simple. Click here to join! or login!

Download File
Click to Download

NOTE: These are only open to members of IDUG. If you are not a member, please CLICK HERE for more information.