In DB2, user id's and passwords are controlled by the operating system. Users logged into the operating system can have specific authorities for various objects or groups of objects. You can also grant authority at the operating system group level, in addition to the user id level.
The DB2 authorizations are stored in various DB2 System Catalog views such as:
You can see the defintion of these catalog views in the SQL Reference Vol 1, Appendix D.
M. A. Feldman
IBM Certified DBA on DB2 for Linux, UNIX, and Windows
IBM Certified DBA on DB2 for z/OS and OS/390