Download Free Securing And Auditing Data On Db2 For Z Os Book in PDF and EPUB Free Download. You can read online Securing And Auditing Data On Db2 For Z Os and write the review.

IBM® DB2® 9 and 10 for z/OS® have added functions in the areas of security, regulatory compliance, and audit capability that provide solutions for the most compelling requirements. DB2 10 enhances the DB2 9 role-based security with additional administrative and other finer-grained authorities and privileges. This authority granularity helps separate administration and data access that provide only the minimum appropriate authority. The authority profiles provide better separation of duties while limiting or eliminating blanket authority over all aspects of a table and its data. In addition, DB2 10 provides a set of criteria for auditing for the possible abuse and overlapping of authorities within a system. In DB2 10, improvements to security and regulatory compliance focus on data retention and protecting sensitive data from privileged users and administrators. Improvements also help to separate security administration from database administration. DB2 10 also lets administrators enable security on a particular column or particular row in the database complementing the privilege model. This IBM Redbooks® publication provides a detailed description of DB2 10 security functions from the implementation and usage point of view. It is intended to be used by database, audit, and security administrators.
Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.
This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.
IBM® DB2® Version 11.1 for z/OS® (DB2 11 for z/OS or just DB2 11 throughout this book) is the fifteenth release of DB2 for IBM MVSTM. It brings performance and synergy with the IBM System z® hardware and opportunities to drive business value in the following areas. DB2 11 can provide unmatched reliability, availability, and scalability - Improved data sharing performance and efficiency - Less downtime by removing growth limitations - Simplified management, improved autonomics, and reduced planned outages DB2 11 can save money and save time - Aggressive CPU reduction goals - Additional utilities performance and CPU improvements - Save time and resources with new autonomic and application development capabilities DB2 11 provides simpler, faster migration - SQL compatibility, divorce system migration from application migration - Access path stability improvements - Better application performance with SQL and XML enhancements DB2 11 includes enhanced business analytics - Faster, more efficient performance for query workloads - Accelerator enhancements - More efficient inline database scoring enables predictive analytics The DB2 11 environment is available either for new installations of DB2 or for migrations from DB2 10 for z/OS subsystems only. This IBM Redbooks® publication introduces the enhancements made available with DB2 11 for z/OS. The contents help database administrators to understand the new functions and performance enhancements, to plan for ways to use the key new capabilities, and to justify the investment in installing or migrating to DB2 11.
This IBM® Redbooks® publication explores various implementations of z/OS® Identity Propagation where the distributed identity of an end user is passed to z/OS and used to map to a RACF® user ID, and any related events in the audit trail from RACF show both RACF and distributed identities. This book describes the concept of identity propagation and how it can address the end-to end accountability issue of many customers. It describes, at a high level, what identity propagation is, and why it is important to us. It shows a conceptual view of the key elements necessary to accomplish this. This book provides details on the RACMAP function, filter management and how to use the SMF records to provide an audit trail. In depth coverage is provided about the internal implementation of identity propagation, such as providing information about available callable services. This book examines the current exploiters of z/OS Identity Propagation and provide several detailed examples covering CICS® with CICS Transaction Gateway, DB2®, and CICS Web services with Datapower.
This book is about database security and auditing. You will learn many methods and techniques that will be helpful in securing, monitoring and auditing database environments. It covers diverse topics that include all aspects of database security and auditing - including network security for databases, authentication and authorization issues, links and replication, database Trojans, etc. You will also learn of vulnerabilities and attacks that exist within various database environments or that have been used to attack databases (and that have since been fixed). These will often be explained to an "internals level. There are many sections which outline the "anatomy of an attack – before delving into the details of how to combat such an attack. Equally important, you will learn about the database auditing landscape – both from a business and regulatory requirements perspective as well as from a technical implementation perspective.* Useful to the database administrator and/or security administrator - regardless of the precise database vendor (or vendors) that you are using within your organization.* Has a large number of examples - examples that pertain to Oracle, SQL Server, DB2, Sybase and even MySQL.. * Many of the techniques you will see in this book will never be described in a manual or a book that is devoted to a certain database product.* Addressing complex issues must take into account more than just the database and focusing on capabilities that are provided only by the database vendor is not always enough. This book offers a broader view of the database environment - which is not dependent on the database platform - a view that is important to ensure good database security.
IBM® DB2® Version 10.1 for z/OS® (DB2 10 for z/OS or just DB2 10 throughout this book) is the fourteenth release of DB2 for MVSTM. It brings improved performance and synergy with the System z® hardware and more opportunities to drive business value in the following areas: Cost savings and compliance through optimized innovations DB2 10 delivers value in this area by achieving up to 10% CPU savings for traditional workloads and up to 20% CPU savings for nontraditional workloads, depending on the environments. Synergy with other IBM System z platform components reduces CPU use by taking advantage of the latest processor improvements and z/OS enhancements. Streamline security and regulatory compliance through the separation of roles between security and data administrators, column level security access, and added auditing capabilities. Business insight innovations Productivity improvements are provided by new functions available for pureXML®, data warehousing, and traditional online TP applications Enhanced support for key business partners that allow you to get more from your data in critical business disciplines like ERP Bitemporal support for applications that need to correlate the validity of data with time. Business resiliency innovations Database on demand capabilities to ensure that information design can be changed dynamically, often without database outages DB2 operations and utility improvements enhancing performance, usability, and availability by exploiting disk storage technology. The DB2 10 environment is available either for brand new installations of DB2, or for migrations from DB2 9 for z/OS or from DB2 UDB for z/OS Version 8 subsystems. This IBM Redbooks® publication introduces the enhancements made available with DB2 10 for z/OS. The contents help you understand the new functions and performance enhancements, start planning for exploiting the key new capabilities, and justify the investment in installing or migrating or skip migrating to DB2 10.
DB2® 10 for z/OS can reduce the total DB2 CPU demand from 5-20%, compared to DB2 9, when you take advantage of all the enhancements. Many CPU reductions are built in directly to DB2, requiring no application changes. Some enhancements are implemented through normal DB2 activities through rebinding, restructuring database definitions, improving applications, and utility processing. The CPU demand reduction features have the potential to provide significant total cost of ownership savings based on the application mix and transaction types. Improvements in optimization reduce costs by processing SQL automatically with more efficient data access paths. Improvements through a range-list index scan access method, list prefetch for IN-list, more parallelism for select and index insert processing, better work file usage, better record identifier (RID) pool overflow management, improved sequential detection, faster log I/O, access path certainty evaluation for static SQL, and improved distributed data facility (DDF) transaction flow all provide more efficiency without changes to applications. These enhancements can reduce total CPU enterprise costs because of improved efficiency in the DB2 10 for z/OS. DB2 10 includes numerous performance enhancements for Large Objects (LOBs) that save disk space for small LOBs and that provide dramatically better performance for LOB retrieval, inserts, load, and import/export using DB2 utilities. DB210 can also more effectively REORG partitions that contain LOBs. This IBM Redbooks® publication® provides an overview of the performance impact of DB2 10 for z/OS discussing the overall performance and possible impacts when moving from version to version. We include performance measurements that were made in the laboratory and provide some estimates. Keep in mind that your results are likely to vary, as the conditions and work will differ. In this book, we assume that you are somewhat familiar with DB2 10 for z/OS. See DB2 10 for z/OS Technical Overview, SG24-7892-00, for an introduction to the new functions.
Every organization has a core set of mission-critical data that requires protection. Security lapses and failures are not simply disruptions, they can be catastrophic events with consequences felt across the enterprise. The inadvertent mistakes of privileged users alone can result in millions of dollars in damages through unintentional configuration errors and careless security commands. Malicious users with authorized access can cause even greater damage. As a result, security management faces a serious challenge to adequately protect a company's sensitive data. Likewise, IT staff is challenged to provide detailed audit and controls documentation in the face of increasing demands on their time. Automation and simplification of security and compliance processes can help you meet these challenges and establish effective, sustainable user administration and audit solutions. This includes security database cleanup, repeatable audit of configurations and settings, and active monitoring of changes and events. IBM Tivoli Security Management for z/OS V1.11 provides these solutions to help enhance the security of mainframe systems through automated audit and administration. In this IBM® RedpaperTM document we discuss how Tivoli® Security Management for z/OS® allows you to submit mainframe security information from z/OS, RACF®, and DB2® into an enterprise audit and compliance solution and how to combine mainframe data from z/OS, RACF, and DB2 with that from other operating systems, applications, and databases in order to provide the ability to capture comprehensive log data, interpret that data through sophisticated log analysis, and communicate results in an efficient, streamlined manner for full enterprise-wide audit and compliance reporting.
The ABCs of z/OS System Programming is an 13-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. If you would like to become more familiar with z/OS in your current environment, or if you are evaluating platforms to consolidate your e-business applications, the ABCs collection will serve as a powerful technical tool. The contents of the volumes are as follows: Volume 1: Introduction to z/OS and storage concepts, TSO/E, ISPF, JCL, SDSF, and z/OS delivery and installation Volume 2: z/OS implementation and daily maintenance, defining subsystems, JES2 and JES3, LPA, LNKLST, authorized libraries, SMP/E, Language Environment Volume 3: Introduction to DFSMS, data set basics storage management hardware and software, catalogs, and DFSMStvs Volume 4: Communication Server, TCP/IP, and VTAM Volume 5: Base and Parallel Sysplex, System Logger, Resource Recovery Services (RRS), global resource serialization (GRS), z/OS system operations, automatic restart management (ARM), Geographically Dispersed Parallel Sysplex (GDPS) Volume 6: Introduction to security, RACF, Digital certificates and PKI, Kerberos, cryptography and z990 integrated cryptography, zSeries firewall technologies, LDAP, and Enterprise identity mapping (EIM) Volume 7: Printing in a z/OS environment, Infoprint Server and Infoprint Central Volume 8: An introduction to z/OS problem diagnosis Volume 9: z/OS UNIX System Services Volume 10: Introduction to z/Architecture, zSeries processor design, zSeries connectivity, LPAR concepts, HCD, and HMC Volume 11: Capacity planning, performance management, WLM, RMF, and SMF Volume 12: WLM Volume 13: JES3