Tech Library

    IDUG is proud to offer the latest in DB2 information straight from those who know it best: database administrators (DBAs), database managers, application programmers and developers, vendors and other IT professionals who use DB2 daily.

    IDUG Europe Premiere User Speaker: Migration of DB2 Access Control from DB2 to RACF (H10)

    Topic: 2008 NA

    Subtopic: DB2 for z/OS



    DATE: 2008-05-21 (01:30 PM - 02:30 PM)
    SPEAKERS: Peter Suhner (Axa Technology Services Switzerland AG)

    A field report about migrating DB2 internal security to an external security system (RACF).On a system level, all of our z/OS security had always been implemented with RACF security system - with the sole exception of the DB2 subsystem. To reduce the overhead and complexity of maintaining two interacting security systems, we decided to migrate our DB2 security definitions to RACF. The major benefits we gained from that one-year project are:- Transparency: for the administration- Performance: Resource validation only takes place once in RACF- Simplicity: Reduction from some hundred thousands of different DB2 access rights (Grants) to a few thousand generic RACF profiles- Auditability: Logging of all access by SMF- Governance: Centralized administration of all user access rights- Data quality: Avoidance of outdated and inoperative User-IDs by daily comparison between RACF UserIDs and HR dataThe presentation will also mention the obstacles and exceptions.

    EXP. LEVEL: Intermediate

    OBJECTIVES:

    How to migrate DB2 internal security to RACF (or any other external security system)

    Understand basic DB2 and RACF security concepts and their differences

    What it takes to overcome the conceptual differences

    How to convert the contents of the SYSIBM.SYSxxxAUTH tables to equivalent RACF profiles with Utility RACFDB2

    Possible benefits from the implementation as well as recommendations and pitfalls in such a project



    This file is being provided by IDUG. We would encourage you to join IDUG to get full access to all of our files and resources. Joining IDUG is FREE and signing up is simple. Click here to join! or login!

    Download File
    Click to Download

    NOTE: These are only open to members of IDUG. If you are not a member, please CLICK HERE for more information.


    Copyright © 2014 IDUG. All Rights Reserved

    All material, files, logos and trademarks within this site are properties of their respective organizations.

    Terms of Service - Privacy Policy - Contact