Chapter 5. Authorization—Authority and Privileges
I have the authority, and it would be my privilege, to authorize your entry into the realm of DB2 security.
Remember the house in Chapter 3, “Understanding Identification and Authentication—The First Line of Defense”? We talked about the lock on the front door of the house as the first line of defense, just like authentication is the first line of defense for database security. What if each door inside the house had a lock, too? Locking individual rooms can be considered a second line of defense and is fundamental to a “defense-in-depth” security approach.
In this analogy, each room’s lock represents an authorization requirement that determines whether an individual has the right ...