Previous Topic: Protecting ResourcesNext Topic: Authority and Privilege Processing


Resource Classes

With CA Top Secret Option for DB2, DB2 resources are protected through standard CA Top Secret access control procedures. All resources have full scope checking as well as administrative authority support. In turn, this kind of support eliminates the need for secondary authorization IDs since the cascading effect of the REVOKE statement no longer exists.

CA Top Secret Option for DB2 resource classes are defined to the Resource Descriptor Table (RDT) and provide improved control over DB2 objects and resources.

The following table shows the DB2‑specific resources defined to the RDT and what they protect. For example, the CA Top Secret Option for DB2 resource DB2STOGP is used to protect the DB2 objects known as Storage Groups.

CA Top Secret Option for DB2
Resource Classes

DB2 Resources

DB2SYS

Authorities

DB2BUFFP

Buffer Pools

DB2COLL

Collections

DB2FUNC

Functions

DB2JAR

JAR Files

DB2DBASE

Databases

DB2PLAN

Plans

DB2PKG

Packages

DB2PROC

Stored Procedures

DB2ROLE

Roles

DB2SCHMA

Schemas

DB2SEQ

Sequences

DB2STOGP

Storage Groups

DB2TABSP

Table Spaces

DB2TABLE

Tables/Views

DB2TRCON

Trusted contexts

DB2TYPE

Distinct Types