To own/permit the resources under Top Secret you would issue:
TSS ADD(dept) DB2VAR(variable.name.prefix)
TSS PER(acid) DB2VAR(variable.name) ACCESS(NONE|READ|WRITE|ALL)
where 'dept' is the department acid you want to own the resource
'acid' is the user acid to be permitted to the resource, an attached profile, or the ALL record if all users should have access
The maximum resource name length for the ownership (TSS ADD command above) is 26 characters.
The maximum resource name length for the permit above is 255 characters.
WRITE access allows users to populate the variable.
READ access allows the users to read the value of the variable.