The following are types of objects or resources that must be controlled in DB2:
Represents resources that are not directly related to a table, database, etc., but rather represent the authority to perform a given function. Some examples are the ability to stop and start databases, run traces, issue display commands, etc.
Represents a logical collection of tables, table spaces and indexes. DB2 groups these objects into a database to let you control access to these objects as a single unit. Different types of access can be granted to a database in native DB2. CA Top Secret Option for DB2 also provides for these same types of access in its implementation. Some examples are the ability to create a table space in a given database, image‑copy that database for backup, recover the database, etc.
Represents a physical collection of tables, and is actually represented on DASD as a VSAM Linear Data Set. Access to a table space is allowed or prevented.
A table represents the actual collection of rows and columns of data. A view represents a logical look at a table or tables, and is presented to the DB2 interface exactly the same as a table.
Types of access are allowed, ranging from read‑only access (SELECT) through the various update requests (DELETE, INSERT, etc.). In addition, for UPDATE requests or referential constraints, access to tables and views can be provided down to the column level.
Represents what DB2 uses to process the SQL statements that are embedded in a program. With plans, there are two types of access: BIND and EXECUTE.
Enables you to break a plan down into manageable parts. A package represents the SQL statements from a single program and can be shared across applications.
Represents one or more packages grouped together under a collection‑id.
Represents a collection of DASD volumes that DB2 can use to dynamically allocate table spaces.
Represents main storage reserved to satisfy the buffering requirements of table spaces.
A function is similar to a subprogram that can be used in an SQL request to let you manipulate data directly in the SQL request.
Stored procedures are compiled programs (stored at a local or remote DB2 server) that can be invoked by a DB2 client with the SQL CALL statement.
When you create functions, stored procedures, distinct types, and JAR files, you can associate them with a schema. A schema is a logical grouping of these resources, and like collections, cannot be owned.
Distinct types are user‑defined data types that are used to describe what input and output data looks like. One of the reasons for using distinct types is that you can control what functions or procedures can use a distinct type to ensure that data is being processed correctly.
Java archive files (JAR files) are files that contain a group of Java classes that can be used in Java applications. JAR files are available beginning with DB2 Release 7.1.
A sequence is a user-defined object that is used to create a sequence of numerical values in table data, according to the specifications in the sequence definition.
A role is very similar to a secondary authid. It is an alternate authid that can be assigned to a user when the user is accessing DB2 via a connection defined as a trusted context. Roles are available beginning with DB2 Version 9.1.
A trusted context is a security entity defined in a DB2 subsystem that identifies a connection to the DB2 subsystem with specific attributes. When a connection is made with those attributes, other attributes defined in the trusted context will also apply to the connection. Trusted contexts are available beginning with DB2 Version 9.1.
|
Copyright © 2011 CA Technologies.
All rights reserved.
|
|