Previous Topic: Create a DB2 LUW Security Label ElementNext Topic: Define a DB2 LUW Trusted Context


Define a DB2 LUW Security Policy

The security administrator uses a security policy to define criteria that determine who has write access and who has read access to individual rows and individual columns of tables. Use options in the Security Policy editor to create a security policy and identify security label components for the security policy.

To define a DB2 LUW security policy

  1. Right-click a Security Policy in the Model Explorer and select Properties.

    The DB2 LUW Security Policy Editor opens.

  2. Select a security policy and work with the following options:

    Note: Click New New icon in property editors to create a new object on the toolbar to create a security policy. Use the Enter filter text text box to filter a large list of names to locate the one you want to work with.

    Name

    Specifies the name of the security policy.

    Generate

    Generates DDL for this object during Forward Engineering.

  3. Work with the following options on the General tab:
    Unauthorized Action Type

    Specifies the action that is taken when a user is not authorized to write the specified security label that is provided in the INSERT or UPDATE statement issued against a table that is protected with this security policy. Valid values are: Override and Restrict.

    Use Group Authorizations

    Specifies to use group authorizations in the security policy. Select from the drop-down list; valid values are True and False.

    Use Role Authorizations

    Specifies to use role authorizations in the security policy. Select from the drop-down list; valid values are True and False.

  4. On the Security Label Component tab, identify a security label component to associate with the selected security policy.
  5. On the Permission tab, identify permissions to associate with the security policy.
  6. (Optional) Click the Comment tab and enter any comments that you want to associate with the object.
  7. (Optional) Click the Where Used tab to view where the object is used within the model.
  8. (Optional) Click the UDP tab to work with user-defined properties for the object.
  9. (Optional) Click the Notes tab to view and edit user notes.
  10. (Optional) Click the Extended Notes tab to view or edit user notes.
  11. Click Close.

    The Security Policy Editor closes.

More information:

Add a Comment in a Property Editor

Add a UDP in a Physical Property Editor