Chapter 10. Implementing Security

All tasks and concepts presented in the previous chapters assumed you had the administrative rights to set up client and server connectivity, execute SQL statements, create database objects, and so on. In the real world, administrative rights are typically given only to selected individuals. In addition, the ability for users to access data must be controlled to comply with business requirements. DB2 uses a few constituents to support various security schemes. This chapter discusses each of the security components and provides examples.

In this chapter you will learn about:

• The big picture of the DB2 security model

• Different authentication methods that DB2 supports

• Authentication methods using customized loadable libraries

• How to enable data encryption

• Database operations you can perform with the various administrative authorities

• Controlling access to database objects

• Obtaining the authorities and privileges information from the metadata

• Considerations for Windows domain users