Topic: 2015 EMEA
Subtopic: DB2 for z/OS
DB2 10 for z/OS supports the use of digital certificates for mutual authentication. By using z/OS digital certificates, DB2 can can validate the certificate and identify the user associated with the connection. You can use certificate authentication with or without a providing a user ID or a password. If the application does not provide a user ID or password, authentication is performed at the network layer only. Once the user ID is authenticated DB2 checks the user authorization against the user ID obtained from the certificate.
The presentation provided the PoC result from a customer using digital certificates to authenticate against a DB2 for z/OS subsystem. The customer has a well-established PKI infrastructure over many years and is using a PKI smard card, which stores digital certificates for authentication at various IT systems. The POC includes testing a JDBC program and Data Studio, a QMF for Workstation and Data Studio to access DB2 and then using a PKI smard card certificate for authentication instead of userid and password. The presentation gives a overview of the POC architecture and details about the implementation, which includes some observations on configuring the appropriate SSL policy definitions.
Click Here to Download
NOTE: These are only open to members of IDUG. If you are not a member, please CLICK HERE for more information.