Implementation Considerations

Implementation Considerations

This chapter describes decisions that you must make regarding implementing CA Top Secret Option for DB2. You might have already made many of these decisions when you installed and implemented CA Top Secret, or you might be in the process of making the decisions. This chapter helps you address the decisions from a DB2 perspective.

The following practices can help you successfully implement CA Top Secret Option for DB2:

• Organize and plan your implementation. This process requires you to:
  • Provide adequate training
  • Review security policy
  • Identify your operating environment
  • Select CA Top Secret Option for DB2 options
  • Evaluate who should get access to various resources
• Identify users based on primary and secondary authorization IDs
• Secure DB2 subsystems
• Secure DB2 resources (controllable objects and system privileges)
• Secure DB2 data sets and stand‑alone utilities
• Secure DDF (if applicable)

This section contains the following topics:

Decide on Centralized or Decentralized Security

Appoint Your Implementation Team

Plan and Coordinate Your Implementation Schedule

Distribute Documentation

Provide Adequate Training

Review and Tailor Security Policy

Identify Your Operating Environment

Evaluate Use of Exits

Evaluate Who Should Get Access to What

Determine Appropriate Security Mode

Identify Users

Identify DB2 Subsystems

Identify DB2 Resources

Identify and Secure DB2 Data Sets

Protect Distributed Data Facility (DDF) Resources

Test PERMITs Using TSSSIM (optional)