WebSphere Enterprise Service Bus for z/OS, Version 6.2.0 Operating Systems: z/OS


Data integrity and privacy

The privacy and integrity of data that is accessed when WebSphere® Process Server processes are invoked is critical to your security.

Data privacy and data integrity are closely related concepts. For a more detailed discussion, refer to the WebSphere Application Server Network Deployment information center.

Privacy

Privacy means that it should not be possible for an unauthorized user to intercept and read data.

Integrity

Integrity means that it should not be possible for an unauthorized user to alter data.

Solutions provided in WebSphere Process Server

WebSphere Process Server supports two widely used solutions for data privacy and integrity:
  • Secure Sockets Layer (SSL) protocol. SSL uses a handshake to authenticate the end points and exchange information that is used to generate the session key that will be used by the end points for encryption and decryption. SSL is a synchronous protocol and is suitable for point-to-point communication. SSL requires that the two end points maintain a connection with each other for the duration of the SSL session.
  • WS-Security. This standard defines Simple Object Access Control (SOAP) extensions for securing SOAP messages. WS-Security adds support for authentication, integrity, and privacy for a single SOAP message. Unlike SSL, there is no handshake to establish a session key. This makes WS-Security suitable for securing messages in an asynchronous environment, such as SOAP over Java™ Message Service (JMS) or SOAP over Service Integration Bus (SIB). WS-Security deployment descriptors can be set in your applications before deployment. See related information for more details.
In a business integration environment with multiple systems interacting with one another, it is likely that some of the communication will be asynchronous. Therefore, in most instances, WS-Security is the superior solution.

concept Concept topic

Terms of use | Feedback


Timestamp icon Last updated: 21 June 2010


http://publib.boulder.ibm.com/infocenter/dmndhelp/v6r2mx/topic//com.ibm.websphere.wesb620.zseries.doc/doc/csec_dataintegrity.html
Copyright IBM Corporation 2005, 2010. All Rights Reserved.
This information center is powered by Eclipse technology (http://www.eclipse.org).