Implementing Siebel eBusiness Applications on DB2 UDB for z/OS and OS/390 > Security Concepts for z/OS and OS/390 >
z/OS and OS/390 Security
By default, DB2 restricts access to database resources unless privileges are specifically granted. A complete description of DB2 security is available in the vendor documentation on the IBM website. Access to database resources is established using one or more of the following authorization IDs:
- Primary authorization ID. The user ID used to log into DB2. All users will have a primary authorization ID.
- Secondary authorization ID. Generally known as a group ID. Siebel applications effectively use secondary authorization IDs that can be enabled through the DB2 installation exit, DSN3@ATH. IBM provides a sample exit for setting secondary authorization IDs.
- Package owners. The ID of the owner of a DB2 Connect package. It is used for authorization purposes if the package is bound with DYNAMICRULES(BIND) on the
BIND command. For more information on DB2 Connect Packages, see an IBM Corporation Redbook on this subject.