DB2 for z/OS and RACF Security

AUDIENCE:
This course is for DB2 or RACF security administrators wishing to gain further insight into controlling DB2 security using RACF. The course is delivered up to DB2 9.

PREREQUISITES:
No previous DB2 or RACF experience is required, although a general understanding of one or both would be beneficial.

OBJECTIVES:
DB2 security has historically been performed using an external security product such as RACF to secure the system, while access to DB2 objects and data was controlled using DB2 internal security. It is now possible to control all aspects of DB2 security (both system and data) utilising RACF. This course provides attendees with an introduction to how this may be achieved.
On completion of the course delegates will have learnt:
- An understanding of DB2 security in general terms.
- Terminology used with DB2 security.
- The use and structure of DB2 security tables.
- The use of primary, secondary, and CURRENT SQLID authorisation IDs with DB2.
- The use of SQL to control security using GRANT and REVOKE statements.
- The meaning of explicit, implicit, composite and grouped privileges.
- Ownership considerations with regard to DB2 objects.
- Controlling DB2 address space and data set authorisation using RACF.
- How to use RACF to control access to DB2 objects.
- The new RACF classes for DB2 objects.
- Creation of RACF profiles for DB2 objects.
- The migration tools to assist in migrating DB2 security into RACF.
- Additional considerations when using DB2 in a distributed environment.

COURSE CONTENT:
DB2 Security Overview: Sign-on security; connection security; DB2 internal security; security strategy; remote processing.
Internal DB2 Security: DB2 internal security mechanism; security tables; security terminology; maintaining security; implicit, explicit and grouped privileges; ownership considerations; dynamic SQL considerations.
Data Control Language and Privileges: The GRANT and REVOKE statements; system privileges; object privileges; authorizations required.
DB2 Security Reporting and Auditing: Catalog security tables; common columns; auditing tables; audit trace.
RACF Security Overview: Identifying and verifying users; checking authorizations; auditing and reporting; terminology; discrete and generic profiles; maintaining RACF security.
Defining the DB2 System to RACF: Address space authorization; protected access profiles; protecting DB2 data sets.
Defining DB2 Objects to RACF: Native DB2 security; DB2 with RACF; RACF/DB2 external security module; scope of classes; DB2 objects and RACF classes; profiles and privileges; migration tools.
Multi-Level Security: Security labels; row level security granularity; impact on SQL statements; impact on utility tasks.
Distributed Data Considerations: DDF overview; DDF components; communications tables; client security; server security.

© 2007 Verhoef Training