RACF checking for Db2 resources

Each Db2 command, utility, and Structure Query Language (SQL) statement is associated with a set of privileges, authorities, or both.

Authority checking performed by the RACF access control module simulates Db2 authority checking:

• Db2 object types map to RACF class names
• Db2 privileges map to RACF resource names for Db2 objects
• Db2 authorities map to the RACF administrative authority class (DSNADM) and RACF resource names for Db2 authorities
• Db2 security rules map to RACF profiles

The RACF access control module checks the RACF profiles corresponding to that set of privileges and authorities.

See Special considerations for RACF authorization checking and RACF authorization checking reference for more information.