Security enhancements

With the number of both internal and external security threats growing, it is important to separate the tasks of keeping data secure from the management tasks of administering critical systems. Building on the enhancements introduced in previous versions, the enhancements in Db2 11.5.5 ensure that your sensitive data is even better protected.

Attention: This mod pack release is currently available for the following Db2 products:

Db2 on-premises
The single container deployments of Db2 Warehouse and IBM Integrated Analytics System (IIAS)
The container micro-service deployment of Db2 on Red Hat OpenShift

The following table displays a list of security enhancements in Db2 11.5.5:

Table 1. Security enhancements in Db2 11.5.5
Enhancement	Description
New schema level access control of database objects	In Db2 11.5.5, the following schema privileges and authorities are being added to allow users to manage and control access to database objects at a schema level. This provides the ability for a DBADM user or a SECADM user to delegate some of their responsibilities to others, while confining the assigned authorities to a specific schema. Privileges: SELECTIN INSERTIN UPDATEIN DELETEIN EXECUTEIN Authorities: schema LOAD SCHEMAADM schema DATAACCESS schema ACCESSCTRL For more information, refer to Schema privileges and authorities.
Multiple label support for JSON Web Tokens	Starting from Db2 11.5.5, multiple labels are supported for JSON Web Tokens. Up to 10 issuers can be specified, and each issuer can have up to five labels for each label type. Each of the labels are extracted and verified against a token signature for verification. For more information, see Token configuration file. For a list of new supporting signature algorithms, see JSON Web Tokens (JWT)