Getting Started with DB2 Express-C

More documents

Recommendations

Info

174 Getting Started with DB2 Express-C Both bob and pwd are passed to the operating system or external authentication facility to perform the authentication approval, verifying that a user named bob is already defined, and that the password provided matches that user. If this part is successful, the operating system will return security control to DB2. Next, when user bob executes a statement such as: SELECT * FROM mytable DB2 takes over security control to perform the authorization check and confirm that user bob has SELECT privilege on table mytable. If the authorization check fails, DB2 will return an error message, otherwise the statement will be executed against mytable. Note: For more information about working with DB2 security, watch this video: http://www.channeldb2.com/video/video/show?id=807741:Video:4267 10.1 Authentication Although the actual authentication is performed by the operating system through the default security plug-in (or another external security facility), DB2 does decide at which level this authentication occurs. The database configuration parameter AUTHENTICATION, set at the DB2 server, has a range of possible values. For example, when the parameter is set to SERVER (the default), the authentication is performed by the operating system or external security facility on the server. However, if AUTHENTICATION is set to CLIENT, the authentication is performed by the operating system or external security facility at the client. This is shown in Figure 10.2. Figure 10.2 – Where authentication takes place The AUTHENTICATION parameter can be set to any of the values listed in Table 10.1
Chapter 10 – Database Security 175 Command SERVER (default) CLIENT SERVER_ENCRYPT KERBEROS SQL_AUTHENTICATION_DATAENC SQL_AUTHENTICATION_DATAENC_CMP GSSPLUGIN Description Authentication takes place at the server Authentication takes place on the client Like SERVER except user IDs and passwords are encrypted Authentication takes place using a Kerberos security mechanism Server authentication plus connections must use data encryption Like above, except data encryption only used when available Authentication uses an external GSS APIbased plug-in security mechanism Table 10.1 – Valid AUTHENTICATION parameter values 10.2 Authorization Authorization consists of the privileges, authorities, roles, and label-based access control (LBAC) credentials that are stored in DB2 system tables and are managed by DB2. A privilege allows a user to execute a single type of operation against the database, such as CREATE, UPDATE, DELETE, INSERT, etc. A role allows you to group together different privileges that you can grant to a user, group, or other roles. An authority is a predefined role consisting of several privileges. Label-based Access Control (LBAC) credentials include policies and labels supporting granular access to specific rows and columns by given users. LBAC is not included with DB2 Express-C, but you can read more about it in Chapter 2. 10.2.1 Privileges Figure 10.3 shows some of the different privileges in DB2.
Page 3 and 4:
GETTING STARTED WITH DB2 Express-C
Page 5 and 6:
Contents About this book ..........
Page 7 and 8:
Contents 7 6.3 DB2 storage model ..
Page 9 and 10:
Contents 9 13.4.2 Cursor stability
Page 11 and 12:
About this book Notices and tradema
Page 13 and 14:
About this Book 13 A book for the c
Page 15:
About this Book 15 Foreword Innovat
Page 19 and 20:
1 Chapter 1 - What is DB2 Express-C
Page 21 and 22:
Chapter 1 - What is DB2 Express-C?
Page 23 and 24:
Page 25 and 26:
1.8 Moving up to another DB2 editio
Page 27:
Page 30 and 31:
30 Getting Started with DB2 Express
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 59 and 60:
4 Chapter 4 - DB2 Environment The D
Page 61 and 62:
Chapter 4 - DB2 Environment 61 Figu
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Chapter 4 - DB2 Environment 69 conf
Page 71 and 72:
Page 73 and 74:
Chapter 4 - DB2 Environment 73 Tabl
Page 75 and 76:
Chapter 4 - DB2 Environment 75 4.3
Page 77 and 78:
Chapter 4 - DB2 Environment 77 6. S
Page 79:
Chapter 4 - DB2 Environment 79 20.
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
100 Getting Started with DB2 Expres
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 109 and 110:
6 Chapter 6 - DB2 Architecture In t
Page 111 and 112:
Chapter 6 - DB2 Architecture 111 pr
Page 113 and 114:
Chapter 6 - DB2 Architecture 113 6.
Page 115 and 116:
Chapter 6 - DB2 Architecture 115 Fi
Page 117 and 118:
Chapter 6 - DB2 Architecture 117 Ma
Page 119 and 120:
6.3.3.4 Creating a Table Space usin
Page 121 and 122:
Chapter 6 - DB2 Architecture 121 3.
Page 123: Chapter 6 - DB2 Architecture 123 7.
Page 126 and 127: 126 Getting Started with DB2 Expres
Page 141 and 142: 8 Chapter 8 - Working with Database
Page 143 and 144: Chapter 8 - Working with Database O
Page 161 and 162: 9 Chapter 9 - Data Movement Utiliti
Page 163 and 164: Chapter 9 - Data Movement Utilities
Page 171: Chapter 9 - Data Movement Utilities
Page 191 and 192: 11 Chapter 11 - Backup and Recovery
Page 193 and 194: Chapter 11 - Backup and Recovery 19
Page 195 and 196: 11.4 Database logging from the Cont
Page 203: Chapter 11 - Backup and Recovery 20
Page 215 and 216: 13 Chapter 13 - Concurrency and Loc
Page 217 and 218: Chapter 13 - Concurrency and Lockin
Page 225 and 226:
Chapter 13 - Concurrency and Lockin
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
13.10 Summary In this chapter we lo
Page 233 and 234:
Page 235 and 236:
Page 237:
PART III - LEARNING DB2: APPLICATIO
Page 240 and 241:
Page 242 and 243:
Page 244 and 245:
Page 246 and 247:
Page 248 and 249:
Page 250 and 251:
Page 252 and 253:
Page 254 and 255:
Page 256 and 257:
Page 258 and 259:
Page 260 and 261:
Page 262 and 263:
Page 264 and 265:
Page 266 and 267:
Page 268 and 269:
Page 270 and 271:
Page 272 and 273:
Page 274 and 275:
Page 276 and 277:
Page 278 and 279:
Page 280 and 281:
Page 282 and 283:
Page 284 and 285:
Page 286 and 287:
Page 288 and 289:
Page 290 and 291:
Page 292 and 293:
Page 294 and 295:
Page 296 and 297:
Page 298 and 299:
Page 300:
Getting started with DB2 9.7 couldn
show all

Getting Started with DB2 Express-C

Create successful ePaper yourself

Delete template?

Save as template?