2) security
-
Upload
guptavikki99 -
Category
Documents
-
view
26 -
download
0
Transcript of 2) security
![Page 1: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/1.jpg)
IBM DB2 9
© 2008 IBM Corporation
Vikas ManoriaIT Specialist – IBM Academic [email protected]
Section -2) Security
![Page 2: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/2.jpg)
IBM DB2 9
2
Section 2 - Security (11%)Section 2 - Security (11%)
Knowledge of restricting data accessKnowledge of restricting data accessKnowledge of different authorities and Knowledge of different authorities and
privileges availableprivileges availableKnowledge of encryption options available Knowledge of encryption options available
(data and network)(data and network)Given a DCL SQL statement, ability to identify Given a DCL SQL statement, ability to identify
results (GRANT, REVOKE, CONNECT results (GRANT, REVOKE, CONNECT statements)statements)
![Page 3: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/3.jpg)
IBM DB2 9
3
Aspects of database security
A database security plan should define:
Who is allowed access to the instance and/or database
Where and how a user's password is verified What authority level a user is granted What commands a user is allowed to run What data a user is allowed to read and/or alter What database objects a user is allowed to create, alter, and/or drop
![Page 4: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/4.jpg)
IBM DB2 9
4
Security - Authentication , Authorities and Privileges
DB2 Authentication controls the following aspects :- Who is allowed access to the instance and/or DB
- Where and how a user's password will be verified
DB2 authorities control the following aspects of a database security plan:- What authority level a user is granted
- What commands a user is allowed to run
- What data a user is allowed to read and/or alter
- What database objects a user is allowed to create, alter and/or drop
A privilege is the right to create or access a database object. - Database-level privileges — span all objects within the database
- Object-level privileges — associated with a specific object
![Page 5: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/5.jpg)
IBM DB2 9
5
Basic Client-Gateway-Host configuration
DB2 server orDB2 Connect Server
(Gateway)
Windows
AIX
Linux
DB2 on the host
DB2 clients
![Page 6: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/6.jpg)
IBM DB2 9
6
Security - Authentication Verify user's identity DB2 will pass all user IDs and passwords to the operating
system or external security facility for verification. Set the authentication parameter at both the DB2 server and
client to control where authentication takes place- At the DB2 server, authentication type is defined in the
database manager configuration file (DBM CFG) db2 "GET DBM CFG" db2 "UPDATE DBM CFG USING AUTHENTICATION CLIENT"
- At the DB2 client, authentication type is specified when cataloging a database db2 "CATALOG DATABASE sample AT NODE mynode AUTHENTICATION SERVER"
![Page 7: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/7.jpg)
IBM DB2 9
7
Authentication TypesWhere Does Authentication Take Place?
1. SERVER
2. SERVER_ENCRYPT
3. CLIENT
4. KERBEROS
5. KRB_SERVER_ENCRYPT
6. DATA_ENCRYPT
7. DATA_ENCRYPT_CMP
8. GSSPLUGIN
9. GSS_SERVER_ENCRYPT
Authentication occurs at the server workstation, using the security facility provided by the server's operating system. By default, this is the authentication type used when an instance is first created.
Same as SERVER User Credentials encrypted at the client workstation before it is sent to the server workstation for validation.
Authentication occurs at the client workstation, using the security facility provided by the client's operating system.
Authentication occurs at the server workstation, using a security facility that supports the Kerberos security protocol. Supported only on clients and servers that are using the Windows 2000, Windows XP, or Windows .NET operating system.
Authentication occurs at the server workstation, using either the KERBEROS or the SERVER_ENCRYPT authentication method.
if the Kerberos authentication service is unavailable, the server acts as if the SERVER_ENCRYPT was specified
Same as SERVER_ENCRYPT authentication method.
In addition, all user data is encrypted before it is passed from client to server and from server to client.
Same as DATA_ENCRYPT authentication method.
In addition, this authentication type provides compatibility for down-level products that do not support the DATA_ENCRYPT authentication type.
Authentication occurs at the server workstation, using a Generic Security Service Application Program Interface (GSS-API) plug-in.
If the client's authentication type is not specified, the server returns a list of server-supported plug-ins to the client. If not supports any one then use KERBEROS method
Authentication occurs at the server workstation, using either the GSSPLUGIN or the SERVER_ENCRYPT authentication method.
If the client does not support any of the plug-ins found in the server-supported plug-in list, then client tries KERBEROS method. If its do not support then it use SERVER_ENCRYPT method.
![Page 8: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/8.jpg)
IBM DB2 9
8
Trusted Clients versus Untrusted Clients Clients that use an operating system that contains a tightly
integrated security facility (for example, Windows NT, Windows 2000, all supported versions of UNIX, MVS, OS/390, VM, VSE, and AS/400) are classified as trusted clients.
Clients that use an operating system that does not provide an integrated security facility (for example, Windows 95, Windows 98, and Windows Millennium Edition) are treated as untrusted clients.
Whenever an untrusted client attempts to access an instance or a database, user authentication always takes place at the
server. If trust_allclnts configuration parameter is set to DRDAONLY, only MVS, OS/390, VM, VSE, and OS/400 clients will be treated as trusted clients.
![Page 9: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/9.jpg)
IBM DB2 9
9
Authorities
![Page 10: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/10.jpg)
IBM DB2 9
10
System Administrator (SYSADM) authority
Highest level of administrative authority available.Only SYSADM is allowed to perform these tasks:
- Migrate a database from a previous version to DB2 Ver 9.- Modify the parameter values of the DBM CFG file
associated with an instance-including specifying which groups have SYSDBA, SYSCTRL, SYSMAINT, and SYSMON authority.
- Give (grant) / Revoke DBADM and SECADM authority to individual users and/or groups.
Ex. Granting SYSADM authority to the group grp1:- db2 "UPDATE DBM CFG USING SYSADM_GROUP grp1"
![Page 11: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/11.jpg)
IBM DB2 9
11
System Control (SYSCTRL) authority SYSCTRL users can perform all administrative and maintenance commands within the instance.
Some tasks that only SYSCTRL & SYSADM can do- Force users off the system.- Create or destroy (drop) a database.- Create, alter, or drop a table space.
Cannot access any data within the databases unless they are granted the privileges.
A SYSADM user can assign SYSCTRL to a group by:db2 "UPDATE DBM CFG USING SYSCTRL_GROUP grp2"
![Page 12: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/12.jpg)
IBM DB2 9
12
System Maintenance (SYSMAINT) authority SYSMAINT users can issue a subset of commands allowed for
SYSCTRL authority — tasks that are considered “maintenance” related like::- db2start/db2stop- db2 backup/restore/rollforward database- db2 runstats (against any table)- db2 update db cfg for database dbname
Users with SYSMAINT cannot create or drop databases or tablespaces.
Cannot access any data within the databases. A SYSADM user can assign SYSMAINT to a group by:
db2 "UPDATE DBM CFG USING SYSMAINT_GROUP grp3"
![Page 13: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/13.jpg)
IBM DB2 9
13
Database Administrator (DBADM) authority DBADM is a database-level authority and can be assigned by SYSADM to both users and groups.- grant dbadm on database to user user1- grant dbadm on database to group group1
DBADM users have almost complete control over the database but cannot perform maintenance or administrative tasks- drop database -- drop/create tablespace- backup/restore database -- update db cfg for database
Can perform:- create/drop table -- grant/revoke (any privilege)
![Page 14: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/14.jpg)
IBM DB2 9
14
Load (LOAD) authority
LOAD authority is also considered a database-level authority, and can therefore be granted to both users and groups.
LOAD authority allows users - To issue the LOAD command against a table. The LOAD
command is typically used as a faster alternative to insert or import commands when populating a table with large amounts of data.
- Specific privileges on the table may also be required
Users with either SYSADM or DBADM authority can grant or revoke LOAD authority to users or groups.
![Page 15: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/15.jpg)
IBM DB2 9
15
![Page 16: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/16.jpg)
IBM DB2 9
16
System Monitoring (SYSMON) authority allow to take system monitor snapshots for a instance and/or for one or more databases that fall under that instance's control.
It is designed to allow special users to monitor the performance of a database that contains sensitive data that they most likely do not have the right to view or modify.
Security Administrator (SECADM) authority allow special users to configure various label-based access control (LBAC) elements (rules, labels and policies) to restrict access to one or more tables that contain data to which they most likely do not have access themselves.
No other authority provides a user with these abilities, including SYSADM
![Page 17: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/17.jpg)
IBM DB2 9
17
![Page 18: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/18.jpg)
IBM DB2 9
18
Privileges
![Page 19: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/19.jpg)
IBM DB2 9
19
Database Privileges CONNECT: Users can connect to the database.
QUIESCE_CONNECT: Users can access a database while it is in a quiesced state.
IMPLICIT_SCHEMA: Users can implicitly create schemas within the database without using the CREATE SCHEMA command.
CREATETAB: Users can create tables within the database.
BINDADD: Users can create packages in the database using the BIND command.
CREATE_EXTERNAL_ROUTINE: Users can create a procedure for use by applications and other users of the database.
CREATE_NOT_FENCED: Users can create unfenced (UDFs). LOAD: Users can load data into a table
![Page 20: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/20.jpg)
IBM DB2 9
20
USE allows a user to create tables and indexes in the table space. The owner of a table space automatically receives USE privilege for that table space.
The USE privilege cannot be used for SYSCATSPACE table space or any temporary table space that might exist.
CREATEIN allows users to create objects within the schema.ALTERIN allows users to modify definitions of objects within the schema.DROPIN Allows users to drop objects within the schema.
![Page 21: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/21.jpg)
IBM DB2 9
21
Privileges - Tables & Views
![Page 22: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/22.jpg)
IBM DB2 9
22
Privileges on other objects
![Page 23: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/23.jpg)
IBM DB2 9
23
![Page 24: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/24.jpg)
IBM DB2 9
24
Some Examples -CONNECT TO sample USER Jane USING passwordGRANT SELECT ON TABLE inventory TO john_doe WITH GRANT OPTION
GRANT SELECT, INSERT, UPDATE, DELETE ON deptview TO USER user1, USER user2
GRANT REFERENCES (empid) ON TABLE employee TO USER user1, GROUP group1
GRANT ALL ON TABLE payroll.employee TO PUBLIC
GRANT UPDATE (address, home_phone) ON TABLE emp_info TO PUBLIC
REVOKE ALL ON TABLE department FROM user1, PUBLIC [Inaccessible views]
![Page 25: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/25.jpg)
IBM DB2 9
25
Label-Based Access Control (LBAC)
Provides DBA the ability to restrict read / write privileges on the row or column level of a table.
LBAC is set up by the security administrator by creating Security Policies. Each table may only be subscribed to one security policy, but the system may have as many security policies as you'd like.
To set up LBAC security to enable business rules:- Define the security policies and labels and grant the security
labels to the users- Modify of the table including the security label column and
attaching the security policy to it
![Page 26: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/26.jpg)
IBM DB2 9
26
LBAC query No LBAC LBAC ID SALARY
255 60000
100 50000
50 70000
50 45000
60 30000
250 56000
102 82000
100 54000
75 33000
253 46000
90 83000
200 78000
105 45000
SELECT * FROM EMP WHERE SALARY >= 50000
User Level = 100
Users with user level 100 can view the rows with ID <= 100 and salary >= 50000 (indicated in green)
With no LBAC user level imposed, users can view rows that meet the salary >= 50000 qualifier (shown in red)
![Page 27: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/27.jpg)
IBM DB2 9
27
Example implementation of LBAC
Steps overview:
1. Define the security policies and labels a. Define the security label component
b. Define the security policy
c. Define the security labels
2. Create the protected SALES table by including a column that holds the security label and attaching the security policy to the table.
3. Grant the appropriate security labels to users.
Requires SECADM authority to execute commands for creating security policies and labels.
![Page 28: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/28.jpg)
IBM DB2 9
28
Step 1. Create the security label component
CREATE SECURITY LABEL COMPONENT J_DEPT TREE (- 'HR_EXECUTIVE' ROOT,- 'MAN_D11_E21' UNDER 'HR_EXECUTIVE'- 'A00' UNDER 'HR_EXECUTIVE',- 'B01' UNDER 'HR_EXECUTIVE',- 'C01' UNDER 'HR_EXECUTIVE',- 'D11' UNDER 'MAN_D11_E21', - 'D21' UNDER 'HR_EXECUTIVE',- 'E01' UNDER 'HR_EXECUTIVE',- 'E11' UNDER 'HR_EXECUTIVE',- 'E21' UNDER 'MAN_D11_E21‘ )
![Page 29: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/29.jpg)
IBM DB2 9
29
Step 2 & 3. Define the security policy and labels
CREATE SECURITY POLICY J_DEPT_POLICY
COMPONENTS J_DEPT WITH DB2LBACRULES
RESTRICT NOT AUTHORIZED WRITE SECURITY LABEL
CREATE SECURITY LABEL J_DEPT_POLICY.EXECUTIVE
COMPONENT J_DEPT 'HR_EXECUTIVE‘
CREATE SECURITY LABEL J_DEPT_POLICY.MANAGE_D11_E21
COMPONENT J_DEPT 'MAN_D11_E21‘
CREATE SECURITY LABEL J_DEPT_POLICY.A00
COMPONENT J_DEPT 'A00'
![Page 30: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/30.jpg)
IBM DB2 9
30
Step 4. Grant rights based on labels
db2 grant security label J_DEPT_POLICY.A00 to user Frank for read access
db2 grant security label J_DEPT_POLICY.MANAGE_D11_E21 to user Joe for all access
db2 grant security label J_DEPT_POLICY.EXECUTIVE to user Jane for all access
![Page 31: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/31.jpg)
IBM DB2 9
31
Step 5. Modify the EMP table
When modifying the EMP table, you must create an extra column to store the security label. This is of type "DB2SECURITYLABEL".
ALTER TABLE EMP
ADD COLUMN DEPT_TAG DB2SECURITYLABEL
ADD SECURITY POLICY J_DEPT_POLICY After alter with a user defined on the EXECUTIVE level, all the
security tags will have been added as EXECUTIVE. To change this, you need to update
update emp set DEPT_TAG = (SECLABEL_BY_NAME('J_DEPT_POLICY','E11')) where WORKDEPT='E11'
![Page 32: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/32.jpg)
IBM DB2 9
32
![Page 33: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/33.jpg)
IBM DB2 9
33
1) Which of the following is NOT a valid method of authentication that can be used by DB2 9?
A. SERVERB. SERVER_ENCRYPTC. CLIENTD. DCS
![Page 34: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/34.jpg)
IBM DB2 9
34
2) In a client-server environment, which two of the following can be used to verify passwords?
A. System CatalogB. User ID/password fileC. Client Operating SystemD. Communications layerE. Application Server
![Page 35: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/35.jpg)
IBM DB2 9
35
3 ) A table named DEPARTMENT has the following columns:- DEPT_ID - DEPT_NAME - MANAGER - AVG_SALARY
Which of the following is the best way to prevent most users from viewing AVG_SALARY data?
A. Encrypt the table's data B. Create a view that does not contain the AVG_SALARY
column C. Revoke SELECT access for the AVG_SALARY column
from users who should not see AVG_SALARY data D. Store AVG_SALARY data in a separate table and grant
SELECT privilege for that table to the appropriate users
![Page 36: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/36.jpg)
IBM DB2 9
36
4) Assuming USER1 has no authorities or privileges, which of the following will allow USER1 to create a view named VIEW1 that references two tables named TAB1 and TAB2?
A. CREATEIN privilege on the databaseB. REFERENCES privilege on TAB1 and TAB2
C. CREATE_TAB privilege on the databaseD. SELECT privilege on TAB1 and TAB2
![Page 37: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/37.jpg)
IBM DB2 9
37
5. On which two of the following database objects may the SELECT privilege be controlled?
A. SequenceB. NicknameC. SchemaD. ViewE. Index
![Page 38: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/38.jpg)
IBM DB2 9
38
6) After the following SQL statement is executed:
GRANT ALL PRIVILEGES ON TABLE employee TO USER user1 Assuming user USER1 has no other authorities or privileges, which of the following actions is USER1 allowed to perform?
A. Drop an index on the EMPLOYEE tableB. Grant all privileges on the EMPLOYEE table to other users
C. Alter the table definitionD. Drop the EMPLOYEE table
![Page 39: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/39.jpg)
IBM DB2 9
39
7) A user wishing to invoke an SQL stored procedure that queries a table must have which of the following privileges?
A. CALL privilege on the procedure; SELECT privilege on the table
B. CALL privilege on the procedure; REFERENCES privilege on the table
C. EXECUTE privilege on the procedure; SELECT privilege on the table
D. EXECUTE privilege on the procedure; REFERENCES privilege on the table
![Page 40: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/40.jpg)
IBM DB2 9
40
8) User USER1 wants to utilize an alias to remove rows from a table. Assuming USER1 has no authorities or privileges, which of the following privileges are needed?
A. DELETE privilege on the tableB. DELETE privilege on the aliasC. DELETE privilege on the alias; REFERENCES privilege on the table
D. REFERENCES privilege on the alias; DELETE privilege on the table
![Page 41: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/41.jpg)
IBM DB2 9
41
9) Which of the following statements allows user USER1 to take the ability to create packages in a database named SAMPLE away from user USER2?
A. REVOKE CONNECT ON DATABASE FROM user2
B. REVOKE CREATETAB ON DATABASE FROM user2
C. REVOKE BIND ON DATABASE FROM user2D. REVOKE BINDADD ON DATABASE FROM user2
![Page 42: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/42.jpg)
IBM DB2 9
42
10) Which of the following will allow user USER1 to change the comment associated with a table named TABLE1?
A. GRANT UPDATE ON TABLE table1 TO user1
B. GRANT CONTROL ON TABLE table1 TO user1
C. GRANT ALTER ON TABLE table1 TO user1
D. GRANT REFERENCES ON TABLE table1 TO user1
![Page 43: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/43.jpg)
IBM DB2 9
43
11) Which of the following will provide user USER1 and all members of the group GROUP1 with the ability to perform DML, but no other operations on table TABLE1?
A. GRANT INSERT, UPDATE, DELETE, SELECT ON TABLE table1 TO user1 AND group1
B. GRANT INSERT, UPDATE, DELETE, SELECT ON TABLE table1 TO USER user1, GROUP group1
C. GRANT ALL PRIVILEGES EXCEPT ALTER, INDEX, REFERENCES ON TABLE table1 TO USER user1, GROUP group1
D. GRANT CONTROL ON TABLE table1 TO user1 AND group1
![Page 44: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/44.jpg)
IBM DB2 9
44
12) USER1 is the owner of TABLE1. Assuming USER1 only holds privileges for TABLE1, which of the following is the best way to remove all privileges USER1 holds?
A. REVOKE CONTROL ON table1 FROM user1B. REVOKE ALL PRIVILEGES ON table1 FROM user1
C. REVOKE CONTROL ON table1 FROM user1; REVOKE ALL PRIVILEGES ON table1 FROM user1;
D. REVOKE CONTROL, ALL PRIVILEGES ON table1 FROM user1
![Page 45: 2) security](https://reader030.fdocuments.us/reader030/viewer/2022032616/55a81b891a28ab112e8b474d/html5/thumbnails/45.jpg)
IBM DB2 9
45
Japanese
Hebrew
Thank You
English
MerciFrench
Russian
DankeGerman
GrazieItalian
GraciasSpanish
Obrigado Portuguese
Arabic
Simplified Chinese
Traditional Chinese
Tamil
Thai
Korean
A. Encrypt the table's data