Security considerations for service integration buses

There are a number of considerations that apply to service integration buses. Messaging security ensures that users are authenticated, resources are protected by security checks and messages are secure when they are in transit.

This topic describes the key security considerations for service integration buses. For more general information about security issues, see Learning about service integration security.

When a bus is created with its bus security enabled, the bus:
You can use secure transport connections to ensure confidentiality and integrity of messages in transit between application clients, the bus, and between messaging engines. This is achieved by defining transport chains and then referencing the transport chain name as follows: For more information, see Secure transport considerations.
Note: When a secure bus is created, only SSL protected messaging chains are permitted. For example, you can use the InboundSecureMessaging transport chain.

In the routing definitions for connections to foreign buses, the user ID applied to messages entering or leaving the foreign bus can be replaced by values specified by the Inbound user ID and Outbound user ID properties. For more information, see Adding a foreign bus.

The ability to authenticate access to a foreign bus is provided by the Authentication alias property of the service integration bus link . An authentication alias is defined at both ends of the foreign bus link between two secure buses. The user ID specified on the foreign bus link must be the same at both ends of the foreign bus link for authorization purposes. For example, consider a scenario where two messaging engines are connected by a foreign bus link. Messaging engine A presents the user ID and password to messaging engine B so that messaging engine B can authenticate messaging engine A. For details about creating a foreign bus link, see Adding a service integration bus link.




Related concepts
Planning issues for bus topologies
Planning issues for multiple-bus topologies
Planning issues for topologies that include WebSphere MQ
Learning about service integration buses
Related tasks
Connecting buses
Concept topic Concept topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 4:28:44 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-mp&topic=cjj0009_
File name: cjj0009_.html