The z/OS® Security Server prevents unauthorized system access and can protect DB2® resources, such as tables. The z/OS Security Server is sometimes referred to as RACF®, which is one of its key components.

To control access to your z/OS system, you can use the Resource Access Control Facility (RACF) component of the z/OS Security Server or an equivalent product. When users begin sessions, the z/OS Security Server checks their identities to prevent unauthorized system access. The z/OS Security Server provides effective protection for DB2 data by permitting only DB2-managed access to DB2 data sets.

By using the z/OS Security Server, you can directly control most authorization to DB2 objects, define authorization, or use multilevel security.