Confidentiality of messages

To maintain confidentiality, encrypt your messages. There are various methods of encrypting messages in IBM® MQ depending on your needs.

Your choice of CipherSpec determines what level of confidentiality you have.

If you need application-level, end-to-end data protection for your point to point messaging infrastructure, you can use IBM MQ Advanced Message Security to encrypt the messages, or write your own API exit or API-crossing exit.

If you need to encrypt messages only while they are being transported through a channel, because you have adequate security on your queue managers, you can use SSL or TLS, or you can write your own security exit, message exit, or send and receive exit programs.

For more information about IBM MQ Advanced Message Security, see Planning for Advanced Message Security. The use of SSL and TLS with IBM MQ is described at SSL and TLS security protocols in IBM MQ. The use of exit programs in message encryption is described at Implementing confidentiality in user exit programs.