developerWorks

AIX and UNIX
Information Mgmt
	New to Information Mgmt
	Products
	How to buy
	Downloads
	Technical library
	Training
	Support
	Services
	Forums & community
	News
	Events
Lotus
Rational
Tivoli
WebSphere

Java™ technology
Linux
Open source
SOA and Web services
Web development
XML

My developerWorks
About dW
Submit content
Feedback

Related links
	ISV resources
	alphaWorks (emerging technologies)
	IBM Academic Initiative
	IBM Student Portal
	IBM Virtual Innovation Center (Bus. Partners)
	IBM Redbooks
	IBM Press books
	IBM communities

Local sites
	developerWorks 中国
	developerWorks Japan
	developerWorks 한국
	developerWorks Россия
	developerWorks Brasil
	developerWorks en español
	developerWorks Việt Nam

developerWorks > Information Management >

Best Practices: IBM Data Server Security

	Introduction
	Outline for Best Practices paper
	Download
	Get involved

This Best Practices roadmap details how to protect data servers against the common data security threats, some uncommon threats, and useful countermeasures for these threats.

Introduction

Securing data requires a holistic and layered approach that takes into consideration the broad range of threats. This is commonly referred to as defense in depth, and requires a “security by design” approach, which espouses security as part of the core design of database environments, the supporting infrastructures and business practices around these environments. Multiple layers of security work together to provide the three ultimate objectives of security, commonly known as the CIA triad: confidentiality,integrity, and availability.

IBM understands these data security threats, and designs security features directly into its DB2® and Informix® families of data servers. Both data server families are designed with a wide range of security and auditing capabilities to help protect even the most critical data. In this paper, discover common threats to databases and learn how to protect data servers against the common data security threats, some uncommon threats, and useful countermeasures for these threats.

Back to top

Outline for Best Practices paper

Introduction

Security threats and countermeasures roadmap
Security outside the database

Assessing your security needs
Threats

Data Threats
Configuration Threats
Audit Threats
Executable Threats

Recommended countermeasures

Data Threats
Recommendations on when to use Label-Based Access Control (LBAC)
Configuration Threats
Audit Threats
Executable Threats

Product overviews

IBM DB2 Version 9.5 for Linux, UNIX and Windows
IBM DB2 Version 9.1 for z/OS
IBM Informix Dynamic Server, Version 11
IBM Database Encryption Expert, Verion 1.1.1
IBM Database Encryption Expert security policy overview
IBM Optim
IBM DB2 Audit Management Expert 1.1
z/OS Security Server: Resource Access Control Facility
z/OS Communications Server: Application Transparent Transport Layer Security

Summary
Further Reading

Contributors

Notices

Trademarks

Back to top

Download

" IBM Data Server Security " (May 2008)
This Best Practices roadmap details how to protect data servers against the common data security threats, some uncommon threats, and useful countermeasures for these threats. (pdf; 949KB; 37 pages)

Back to top

Get involved

Comment, edit, or add your own insights to the IBM Data Server Security best practices on the IBM Database Wiki.

Check out all the other Best Practices papers and see how you can improve your experience with DB2 for Linux, UNIX, and Windows.

Back to top

Document options

Document options requiring JavaScript are not displayed

My developerWorks needs you!

Connect to your technical community

Special offers

More offers