Implementing Siebel Business Applications on DB2 UDB for z/OS > Security Concepts for z/OS >
By default, DB2 restricts access to database resources unless privileges are specifically granted. A complete description of DB2 security is available in the vendor documentation on the IBM Web site. Access to database resources is established using one or more of the following authorization IDs:
- Primary authorization ID. The user ID used to log into DB2. All users have a primary authorization ID.
- Secondary authorization ID. Generally known as a group ID. Siebel applications effectively use secondary authorization IDs that are enabled through the DB2 installation exit, DSN3@ATH. IBM provides a sample exit for setting secondary authorization IDs.
- Package owners. The ID of the owner of a DB2 Connect package. It is used for authorization purposes if the package is bound with DYNAMICRULES(BIND) on the BIND command. For more information on DB2 Connect packages, see an IBM Corporation Redbook on this subject.