Message-level security usage scenario

Message-level security is typically most useful for:
  • Solutions that are designed to use predominantly asynchronous queues.
  • Solutions for which application level security is important; that is solutions whose normal message paths include flows over multiple nodes perhaps connected with different protocols. Message-level security manages trust at the application level, which means security in other layers becomes unnecessary.
A typical scenario is a solution service that is delivered over multiple open networks. For example over a mobile network and the internet, where, from outset asynchronous operation is anticipated. In this scenario, it is also likely that message data is flowed over multiple links that may have different security features, but whose security features are not necessarily controlled or trusted by the solution owner. In this case it is very likely the solution owner does not want to delegate trust for the confidentiality of message data to any intermediate, but would prefer to manage and control trust management directly.

MQe message-level security provides solution designers with the features that enable the strong protection of message data in a way that is under the direct control of the initiating and recipient applications, and that ensures the confidentiality of the message data throughout its transfer, end to end, application to application.


Terms of use | WebSphere software

(c) Copyright IBM Corporation 2004, 2005. All rights reserved.