Trusted Connection



Data security is becoming one of the biggest challenges for J.K.Avro superstore. Data access needs to be restricted, when connected to database server through web servers or application servers.

J.K.Avro superstore is looking for a solution which gives greater control on access to database when connected through webserver or application server.

Operation



To be compliant with PCI security requirement "Track and monitor all access to network resources and cardholder data", and to prevent access to sensitive information in 'credit_card' table from outside the organizational premisis, the J.K.Avro superstore decides to implement trusted connection using trusted context objects.

Solution



A trusted connection allows the initiator of this trusted connection to acquire additional capabilities that may not be available outside the scope of the trusted connection.

This tutorial demonstrates how DB2's "Trusted Context" feature address the above problem. Topics presented are: