DB2 Resources

Document ID : KB000012950
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Protecting DB2 Resources 

Question:

Is it possible to protect DB2 resources in TSS version 16 or is that capability still in a separate product? E.g TSS for DB2?

Environment:
z/os
Answer:

The base TSS doesn’t protect any of the DB2 resources without the TSS for DB2 product. There are 2 ways to secure DB2:

1)Native DB2 security. The DBA issues grants to the objects to give people access.

2)TSS for DB2, which is designed to mimic native DB2 security, but it gives control of the security to the security administrator (taking it away from the DBA). The base TSS is needed for the ADDs and PERMITs of the DB2 resources and for responding to the security calls saying access allowed, access denied, or resource not defined to security.

 

The base TSS documentation has the DB2 resources in there because ADDs and PERMITs for those resources are handled in the base TSS (not TSS for DB2).