The DB2 sets are never directly accessed by the user. They are accessed by the DB2 region, and in some cases directly by a DB2 utility. A user never logs on to a DB2 system, the user accesses the DB2 resources through a connection. Therefore, facility controls, such as MODE, for DB2 resources apply to the facility that the user is logged on to, such as TSO.
To simplify the planning and implementation for DB2, brake the DB2 resources down into:
These are the resources used by DB2 to implement the management of the user’s data and access to it. System objects include the DB2 Catalog, DB2 Directory, Archive Logs, Bootstrap Data Set, and Communications Database. These resources are implemented by DB2 region and certain DB2 utilities. Program protection can be implemented to control which users are allowed access to the utility programs and STC, and what procedures can be used to bring up the DB2 regions.
These objects are how the user’s data is organized and accessed by the user. These include databases, tables, plans, system privileges. A separate resource class exists for each of these data objects. The DB2PLAN resource class is the only DB2 resource class that has default protection. Turn on default protection for several other of these resource classes especially the DB2SYS resource class.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|