Articles & Content
Topic: DB2 for LUW
DATE: 2008-10-15 (17:30 - 18:30)
SPEAKERS: Holo Devnani (1681056 Ontario Inc)
Database can not be only compromised by external people but by also internal people who have access to databases. DB2 has currently security safeguards built in. These are done via GRANTing access to the user data (tables, views, etc). Some users like sysadmn have unrestricted access to user data and control over objects.IBM has made version 9 even more secure. They have introduced the concept of Label Base Access Control (LBAC). Even SYSADM has no access to the data. First a new privilege (authority) SECADM has been introduced. Only SECADM can create and delete and Grant the LBACís. SYSADMN can only GRANT authority SECADM and he canít GRANT SECADM to itself.Also db2audit function has been redone in version 9.5I will be presenting how to use LBAC concepts to make user data more secure. Besides this some other features have been introduced. I will be covering these features too. Presentation will go in depth how to use these features.
EXP. LEVEL: Beginner,Intermediate
Authority SECADM: Explain new authority SECADM introduced in DB2 UDB v 9 LUW. Who can give this authority and how it is used to protect data?
Security Objects: How to create/drop security objects: Order in which they must be created/dropped. Who can create these objects? Examples of DDL to create these objects.
Secure table: How to secure a table. A table can be secured by rows or columns or both. Example of DDL to achieve this. What GRANTs you must do before a table can be secured.
DML: What LBAC you must have to access data - Select, Insert, Update and Delete. New option that you must use to LOAD DATA.
Restrict Clause. Currently when a database is created, some GRANTS are given to PUBLIC by default. In V9 you can you can create database with RESTRICT clause and these GRANTS will be given, making data more secure.
Click Here to Download
NOTE: These are only open to members of IDUG. If you are not a member, please CLICK HERE for more information.