on describing how a particular database security feature works. Customers are often left confused as to when to use what technology - and what security issues each feature is helping them tackle. This has prompted us to build the IBM Data Security Server Blueprint: an easy to use document that can greatly simplify security planning for users of DB2 and IDS data servers. The blueprint outlines the major threats to a data server, and the recommended countermeasures direct from the Lab security teams. The authors of the blueprint will discuss how it was developed, how it works, and most importantly how you can use it to help lock down your data server. Our speakers for this session will be Sal Vella, Vice President, DB2 Development for Linux, Unix and Windows and Business Intelligence; Walid Rjaibi, Security Architect and Relational Data Services Development; and Belal Tassi, WW DB2 Technical Evangelist.
Download: Audio (MP3, 9.2MB) | Presentation charts (PDF, 576KB)…
evelopment team, this book gives DBAs and their managers a wealth of security information that is available nowhere else. It presents real-world implementation scenarios, step-by-step examples, and expert guidance on both the technical and human sides of DB2 security.
This book’s material is organized to support you through every step of securing DB2 in Windows®, Linux®, or UNIX® environments. You’ll start by exploring the regulatory and business issues driving your security efforts, and then master the technological and managerial knowledge crucial to effective implementation. Next, the authors offer practical guidance on post-implementation auditing, and show how to systematically maintain security on an ongoing basis.
* Establishing effective security processes, teams, plans, and policies
* Implementing identification and authentication controls, your first lines of defense
* DB2 in Windows environments: managing the unique risks, leveraging the unique opportunities
* Using the new Label Based Access Control (LBAC) of DB2 9 to gain finer-grained control over data protection
* Encrypting DB2 connections, data “in flight,” and data on disk: step-by-step guidance
* Auditing and intrusion detection: crucial technical implementation details
* Using SSH to secure machine-to-machine communication in DB2 9 multi-partitioned environments
* Staying current with the latest DB2 security patches and fixes
About the Authors
Rebecca Bond is an IBM recognized DB2 SME with extensive experience in security, and a background in finance, healthcare, and government technology consulting. She holds numerous IBM certifications, including IBM Certified Advanced Database Administrator.
Kevin Yeung-Kuen See, CISSP, software developer at the IBM Toronto Laboratory, has served on the DB2 Security Development team. He is a IBM DB2 Certified Solutions Expert.
Carmen Ka Man Wong, staff software developer for IBM, recently joined the DB2 Continuing Engineering team, where she focuses on the DB2 Process Model. She authored the developerWorks series DB2 Label-Based Access Control.
Yuk-Kuen Henry Chan, advisory software developer at the IBM Toronto Lab, is a member of the DB2 Continuing Engineering team, and former member of the DB2 Security Development team. He is an IBM Certified Solutions Expert.
Buy from amazon.com or direct from publisher, Pearson Education.
atory compliance needs such as separation of duties and data-in-transit encryption.
You will learn how to:
1. vest security administration and database administration into two non overlapping roles;
2. prevent database administrators from accessing table data;
3. avoid granting users more privileges than what they need to perform their job tasks;
4. configure DB2 SSL to ensure the confidentiality and integrity of your data communications; and
5. make a successful transition to the DB2 9.7 authorization model.
Join experts from the IBM Toronto Lab: Sal Vella - Vice President of Development, and Walid Rjaibi - Chief Security Architect for DB2 LUW, for this one hour session on DB2 security followed by live questions and answers.…