Local security

Local security protects MQe message or MQeFields data locally. This is achieved by creating an attribute with an appropriate symmetric cryptor and compressor, creating and setting up an appropriate key, by providing a password. The key is explicitly attached to the attribute, and the attribute is attached to the MQe message. MQe provides the MQeLocalSecure Java™ class and C API to assist with the setup of local security, but in all cases it is the responsibility of the local security user (MQe internally or an MQe application) to set up an appropriate attribute and manage the password key.

Local security provides protection for MQe data, MQeFields objects, including Java message objects, for example MQeMsg Object. The protected data is returned in a byte array. To apply local security to a data object you must:
  1. Create an attribute with an appropriate authenticator, cryptor, and compressor.
  2. Set up an appropriate key, by providing a password.
  3. Explicitly attach the key to the attribute, the attribute to the data, MQeFields object, and invoke the dump() method on the data object.

The authenticator determines how access to the data is controlled. It is invoked every time a piece of data is acessed. The cryptor determines the cryptographic strength protecting the data confidentiality. The compressor determines the amount of storage required by the message.

MQe provides the MQeLocalSecure class to assist with the use of local security. However, it is the responsibility of the local security user to setup an appropriate attribute and provide the password. MQeLocalSecure provides the function to protect the data and to save and restore it from backing storage. If an application chooses to attach an attribute to a message without using MQeLocalSecure, it also needs to save the data after using dump and must retrieve the data before using restore.


Terms of use | WebSphere software

(c) Copyright IBM Corporation 2004, 2005. All rights reserved.