Security considerations for messaging engines

When bus security is enabled, a number of considerations apply to messaging engines. These include setting the Inter-engine authentication alias used for verifying messaging engines joining the bus and for secure communication between messaging engines.

Note: This topic describes security considerations that apply to messaging engines. For more information about security issues, refer to Learning about service integration security.

When bus security is enabled, you must set the Inter-engine authentication alias property to be used for authentication of messaging engines joining the bus and for secure communication between messaging engines.

You can use secure transport connections (SSL or HTTPS) to ensure confidentiality and integrity of messages in transit between messaging engines. You define an appropriate secure transport chain and then reference the transport chain name from the Inter-engine transport chain property of the bus. For more information, see Secure transport considerations.

You can control incoming connections to a messaging engine by setting the Inter-engine authentication alias property to prevent unauthorized clients or messaging engines from establishing a connection. Refer to Adding a bus for further information.

You can secure the access to the data store for a messaging engine using a user ID and password. You can apply higher levels of security by using the underlying features of data storemessage store. For example, Cloudscape allows the whole database to be encrypted, DB2® allows specific tables to be encrypted. These features must be managed directly by the appropriate database administrator. Refer to Securing database access for more details.




Related concepts
Learning about messaging engines
Concept topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 10:43:27 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v602web&product=was-nd-mp&topic=cjk0015_
File name: cjk0015_.html