Using trusted contexts for improved security
DB2 provides various levels of security like authorization, authentication, privileges, roles, and so on. We can limit user access by setting the proper restrictions at any level. We can only apply these restrictions to a user, a role, or a group. It also means that if we use generic authorization IDs, then we cannot provide granular security. This is the exact problem we face in 3-tier architecture. In this architecture, we have the application server between the database and the application. The application server runs all the queries against the database on behalf of the application and this is done by the authorization ID, available at the application server. Because we also want this authorization ID to be able to perform all the tasks, we end up giving most of the privileges to this generic authorization ID and hence we are exposed to a security compromise.
To overcome this situation, DB2 provides a new functionality, known as trusted connections...
