Local security

Local security protects WebSphere MQ Everyplace message or MQeFields data locally. This is achieved by creating an attribute with an appropriate symmetric cryptor and compressor, creating and setting up an appropriate key, by providing a password. The key is explicitly attached to the attribute, and the attribute is attached to the WebSphere MQ Everyplace message. WebSphere MQ Everyplace provides the MQeLocalSecure Java class and C API to assist with the setup of local security, but in all cases it is the responsibility of the local security user (WebSphere MQ Everyplace internally or a WebSphere MQ Everyplace application) to set up an appropriate attribute and manage the password key.

Local security provides protection for WebSphere MQ Everyplace data, MQeFields objects, including Java message objects, for example MQeMsgObject. The protected data is returned in a byte array. To apply local security to a data object you must:

  1. Create an attribute with an appropriate authenticator, cryptor, and compressor.
  2. Set up an appropriate key, by providing a password.
  3. Explicitly attach the key to the attribute, the attribute to the data, MQeFields object, and invoke the dump() method on the data object.

The authenticator determines how access to the data is controlled. It is invoked every time a piece of data is acessed. The cryptor determines the cryptographic strength protecting the data confidentiality. The compressor determines the amount of storage required by the message.

WebSphere MQ Everyplace provides the MQeLocalSecure class to assist with the use of local security. However, it is the responsibility of the local security user to setup an appropriate attribute and provide the password. MQeLocalSecure provides the function to protect the data and to save and restore it from backing storage. If an application chooses to attach an attribute to a message without using MQeLocalSecure, it also needs to save the data after using dump and must retrieve the data before using restore.



© IBM Corporation 2002. All Rights Reserved