Given the concerns over security compliance, IBM has steadily removed implicit authorities over the past few years. This direction of course extends to implicit authorities given to DBAs.

With that in mind, note the release of IBM APAR PM26977.

Database administration authority (DBADM) currently has these implicit privileges:

• System privilege STOPALL.
• USE privilege on system resources BUFFERPOOL and STOGROUP.
• System commands: STOP DB2, START/STOP/MODIFY DDF, START/STOP RLIMIT,CANCEL THREAD/DDF THREAD and RESET GENERICLU.

APAR PM26977 removes these implicit system privileges from DBADM. Once the fix is applied to DB2 10, these grant commands must be explicitly issued (e.g., allowing a DBA with DBADM authority to STOP DB2).

Last week I listed some recently updated IBM Redbooks. When I looked more closely at one of these publications, the "DB2 10 for z/OS Performance Topics" Redbook, I found a great of list of APARs. IBM considered these DB2 10 for z/OS information APARs important enough to list in appendix A:

• II10817 – STORAGE : Info APAR for storage usage errors

• II14334 – LOBs : Info APAR link all the LOB support delivery

• II14401 – MIGRATION : Info APAR for fallback to DB2 9 from DB2 10

• II14426 – XML : Info APAR link all the XML support delivery

• I14619 – MIGRATION DDF : Info APAR for DB2 10 DDF migration

Informational APARs can help you keep track of issues related to a specific area of DB2. If you're moving to DB2 10, you can receive notifications when any of these APARs are updated. Just go any individual APAR page and select the Register link in the top right corner.

I've written quite a bit about both IBM DB2 for z/OS manuals and IBM DB2 Redbooks. I generally use the manuals to educate myself about DB2 for z/OS features. When I'm looking for more in-depth details on different areas of practice within DB2, I often turn to Redbooks.

As with manuals, Redbooks are updated on a regular basis. Here's a quick list of DB2 Redbooks that I've read and used. All have been published or updated within the past year. The first two listings include links to previous blog entries I've written about these publications.

• "DB2 10 for z/OS: Configuring SSL for Secure Client-Server Communications" (published: Oct. 11, 2011; last update: Dec. 5, 2011; previous post: Getting Started with SSL)
• "Security Functions of IBM DB2 10 for z/OS" (published: Sept. 2, 2011; last update: Sept. 14, 2011; previous post: Roles and Trusted Context)
• "DB2 10 for z/OS Performance Topics" (published: June 21, 2011; last update: Dec. 6, 2011)
• "DB2 10 for z/OS Technical Overview" (published: Dec. 30, 2010; last update: Dec. 6, 2011)
• "Managing IBM DB2 10 for z/OS Using the IBM DB2 Administration Tool for z/OS Version 10" (published: April 22, 2011)
• "Extremely pureXML in DB2 10 for z/OS" (published: Jan. 28, 2011)

Last month I listed my favorite DB2 blogs, which prompted a reader to comment that DB2 bloggers should start taking advantage of Google+.

I wasn't familiar with Google+, so I set up an account to see what it was all about. When I started with it I wanted to compare it to Facebook. However, as I found others with interest in DB2 for z/OS and added people to my circle of DB2 professional contacts, I realized that Google+, with its focus on business networking, is a bit more like sites like Linkedin.

In short, Google+ looks like another option for DB2 professionals to connect and collaborate. If you're using this tool, please share your thoughts in Comments. What do you like about it? How are you using it to get in touch with other DB2 professionals?

Every few months, I visit IBM's DB2 product library and refresh all of my PDF manuals.

IBM was busy during the latter part of 2011. The majority of manuals have been updated since September, meaning I refreshed almost my entire DB2 10 manual library. Even if you're still on DB2 9 or DB2 8, you should check your own list, because these manuals have been refreshed as well.

In the course of my library upkeeping, I also found a new manual that you should be aware of: "DB2 10 for z/OS: Managing Security."

Since I haven't yet read this manual, I'll give you the roughest of outlines by citing some chapter titles:

Chapter 2. Managing access through authorization IDs and roles

Chapter 3. Managing access though RACF

Chapter 4. Managing access through row permissions and column masks

Chapter 5. Managing access through trusted context

Chapter 6. Managing access through data definition control

Chapter 7. Managing access through exit routines

Chapter 8. Protecting data through encryption and RACF

Chapter 9. Auditing access to DB2

 With the obvious interest customers have security and compliance issues, and given the many security-related enhancements in DB2 10, it's easy to understand why IBM came out with this new document. Diving into this information is one of my top priorities for the early new year. I'm really looking forward to reading this manual and learning more about DB2 10 for z/OS security.