Chapter 12 DBMS-Specific Features


Trusted contexts

Using a trusted context in an application can improve security by placing accountability at the middle tier, reducing over-granting of privileges, and auditing end users' activities.

Trusted contexts are supported for DB2 v9.x and higher for z/OS. PowerDesigner models trusted contexts as extended objects with a stereotype of <<TrustedContext>>.

Creating a trusted context

You can create a trusted context in any of the following ways:

Trusted context properties

You can modify an object's properties from its property sheet. To open a trusted context property sheet, double-click its Browser entry in the Trusted Contexts folder.

The following extended attributes are available on the DB2 tab:

Name
    Description

Enable
    Specifies that the trusted context is created in the enabled state.
    Scripting name: Enable

Authorization
    Specifies that the context is a connection that is established by the authorization ID that is specified by authorization-name.
    Scripting name: Authorization

Default role
    Specifies the default role that is assigned to a user in a trusted connection when the user does not have a role in the trusted context.
    If empty, No Default Role is assumed.
    Scripting name: DefaultRole

As object owner
    Specifies that the role is treated as the owner of the objects that are created using a trusted connection based on the trusted context.
    Scripting name: WithRoleAsObjectOwner

Default security label
    Specifies the default security label for a trusted connection based on the trusted context.
    Scripting name: DefaultSecurityLabel

Attributes
    Specifies one or more connection trust attributes that are used to define the trusted context.
    Scripting name: Attributes

With use for
    Specifies who can use a trusted connection that is based on the trusted context.
    Scripting name: WithUseFor
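
The following DB2 for z/OS DDL is an added example, not part of the original PowerDesigner documentation. It shows how the attributes above map onto a CREATE TRUSTED CONTEXT statement, with a broadly scoped definition beside a narrowed one. All context names, role names, authorization IDs and the address are constructed placeholders.

```sql
-- Constructed example: every name, authorization ID and address is a placeholder.
-- The two CREATE TRUSTED CONTEXT statements are alternatives for the same
-- middle tier; run one or the other, not both.
-- DefaultSecurityLabel is left unset in both statements.

CREATE ROLE APP_ROLE;
CREATE ROLE APP_REPORT_ROLE;

-- Broad definition: any authorization ID may reuse the trusted connection
-- without presenting credentials, the link is not encrypted, and the role
-- becomes the owner of every object created over the connection.
CREATE TRUSTED CONTEXT CTX_APP_BROAD
  BASED UPON CONNECTION USING SYSTEM AUTHID APPSRV1   -- Authorization
  ATTRIBUTES (ADDRESS '192.0.2.10',                   -- Attributes
              ENCRYPTION 'NONE')
  DEFAULT ROLE APP_ROLE WITH ROLE AS OBJECT OWNER     -- DefaultRole, WithRoleAsObjectOwner
  ENABLE                                              -- Enable
  WITH USE FOR PUBLIC WITHOUT AUTHENTICATION;         -- WithUseFor

-- Narrowed definition: same middle-tier ID and address, but the connection
-- must be encrypted, only named users may be switched to, each switch
-- requires authentication, and object ownership stays with the user.
CREATE TRUSTED CONTEXT CTX_APP_NARROW
  BASED UPON CONNECTION USING SYSTEM AUTHID APPSRV1   -- Authorization
  ATTRIBUTES (ADDRESS '192.0.2.10',                   -- Attributes
              ENCRYPTION 'HIGH')
  DEFAULT ROLE APP_ROLE WITHOUT ROLE AS OBJECT OWNER  -- DefaultRole, WithRoleAsObjectOwner cleared
  ENABLE                                              -- Enable
  WITH USE FOR ALICE WITH AUTHENTICATION,             -- WithUseFor
               BOB ROLE APP_REPORT_ROLE WITH AUTHENTICATION;
```

When reviewing a model, the With use for and Attributes values are the ones that decide how far the middle tier's trust extends, so they are the first to compare against the intended user list and network path.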

 


Copyright (C) 2008. Sybase Inc. All rights reserved.