Data Masking in DB2

User Data security is one of the critical aspects of database administration. Its DBAs responsibility to ensure data must only be accessed by authorized users and DBAs can control that by restricting access at various level. In some cases you want to completely or partially conceal data depending on who is accessing it, e.g. In Payroll application, manager can view only last 4 digit of employees SSN while a team member cannot see SSN of other employees but can see his/her SSN. If we try to achieve this at application level it will increase application complexity as well as might impact application performance but still your database is vulnerable. If a user gets access to database they can see any employee SSN. Best way to achieve it by Data Masking at database level. 

Data breaches might lead to financial loss, reputational damage, operational downtime, legal action, loss of sensitive data. With changing data privacy law and regulations its even critical now to ensure data is adequately protected. 

In DB2 LUW database Data Masking can be achieved with the help of Column Mask which was introduced in DB2 10.1 as part of Row and Column Access Control (RCAC) . In this blog we will go through steps to enable data masking in DB2 LUW and few scenarios of data masking.

How to Create Column Mask in DB2 LUW?

Column Mask can be created using CREATE MASK command. To create mask user must have SECADM authority, no other privilege is require like select on table or execute on function.

CREATE MASK <mask name> ON <table name> FOR COLUMN <column name> RETURN <case expression> ENABLE

Putty Fatal Error : Couldn't agree a key exchange algorithm

While working with PuTTY to SSH to Unix/Linux servers you might get error Putty Fatal Error : Couldn't agree a key exchange algorithm. Sometime this error can be specific to some servers while for other servers ssh works perfectly fine. In this blog we will see how to fix this issue.

How do you raise a case with IBM support?

As a DB2 DBA or as a matter of fact if you are using any IBM product irrespective of hardware or software you might be in a situation where you might need support from IBM experts. To get IBM expert support you need to create SR (Service Request) with IBM , formerly known as PMR (Problem Management Report). In this blog we will go through steps to create IBM ID, add customer ID to your IBM id and finally create/view and update SR.

URLs to create IBM SR:

There is separate portal to create/view/update Hardware and Software SRs. You can use below URL to navigate to IBM SR portal.

Hardware SRs: https://www-946.ibm.com/support/servicerequest/Home.action

Software SRs : https://www.ibm.com/mysupport/s/?language=en_US

These URLs are valid as on date of publication of this blog, I will try my best to keep it updated with latest URL but in case it doesn't work, feel free to reach out to me to inform about it or put a comment below.

Tablespace Management in DB2

Tablespace is logical collection of containers which contains actual data of database. In DB2 LUW there is 3 types of tablespace SMS (System Managed Spaces), DMS (Database Managed Spaces) and Automatic Storage. In this blog we will go through different tablespace management operation and behavior of SMS, DMS and Automatic Storage for those operations.

In this blog, we will go through different tablespace operations applicable for tablespaces using File or path based containers.

Create SAMPLE database in DB2

In this blog we will go though steps to create sample database. You might need SAMPLE database with tables, views, index, function, procedure and dummy data to conduct POC or for testing, learning purpose. You will need a DB2 instance to create SAMPLE database. Check blog How to create DB2 Instance on Linux for instructions to create DB2 instance and start it.

Prerequisite :

To create SAMPLE database you need a DB2 instance, also you should have SYSADM or SYSCTRL authorities for that instance.