From IBM DB2 V10.5 LUW Security Technical Implementation Guide
Part of SRG-APP-000442-DB-000379
Associated with: CCI-002422
Information can be either unintentionally or maliciously disclosed or modified during reception, including, for example, during aggregation, at protocol transformation points, and during packing/unpacking. These unauthorized disclosures or modifications compromise the confidentiality or integrity of the information.
The DB2 database system supports the use of Transport Layer Security (TLS) to enable a client to authenticate a server and to provide private communication between the client and server by use of encryption. Run the following command to find out what versions of TLS are supported by the server: $db2 get dbm cfg If the value of the ssl_versions parameter is not set to "TLSV1" or "TLSV12" this is a finding. Check the value of the DB2COMM parameter using the following command: $db2set –all If the value of DB2COMM is not set to "SSL", this is a finding. Note: When this topic mentions SSL, the same information applies to TLS, unless otherwise noted.
Run the following DB2 command to set the value of ssl_versions to approved TLS or SSL version:
$db2 update dbm cfg using SSL_VERSIONS
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer