Administration Guide

Chapter 6. Controlling Database Access

One of the most important responsibilities of the database administrator and the system administrator is database security. Securing your database involves several activities:

• Preventing accidental loss of data or data integrity through equipment or system malfunction.
• Preventing unauthorized access to valuable data. You must ensure that sensitive information is not accessed by those without a "need to know".
• Preventing unauthorized persons from committing mischief through malicious deletion or tampering with data.
• Monitoring access of data by users which is discussed in Chapter 7, Auditing DB2 Activities.

The following topics are discussed:

• An Overview of DB2 Security
• Selecting User IDs and Groups for Your Installation
• Selecting an Authentication Method for Your Server
• Authentication Considerations for Remote Clients
• Partitioned Database Considerations
• Using DCE Security Services to Authenticate Users
• Privileges, Authorities, and Authorization
• Controlling Access to Database Objects
• Tasks and Required Authorizations
• Using the System Catalog.

Planning for Security: Start by defining your objectives for a database access control plan, and specifying who shall have access to what and under what circumstances. Your plan should also describe how to meet these objectives by using database functions, functions of other programs, and administrative procedures.

[ DB2 List of Books | Search the DB2 Books ]