+

Search Tips | Advanced Search

Confidentiality of messages

Encrypting messages ensures that the contents of messages remains confidential. There are various methods of encrypting messages in IBM MQ depending on your needs.

For application-level, end-to-end data protection for the point to point messaging infrastructure, we can use Advanced Message Security to encrypt the messages, or write your own API exit or API-crossing exit.

The most secure solution is to provide end-to-end encryption, by encrypting a message from the point it is put by an application, to the point where it is got by the consuming application. This can be done using Advanced Message Security (AMS), or by writing your own API exit or API-crossing exit; see Implement confidentiality in user exit programs for more information.

For to encrypt messages only while they are being transported over a network, we can use TLS; see TLS security protocols in IBM MQ for more information, or we can write your own security exit, message exit, or send and receive exit programs to perform encryption.

For to encrypt messages at rest on a queue manager, you can use z/OS data set encryption on that queue manager; see Confidentiality for data at rest on IBM MQ for z/OS with data set encryption. for more information.

Parent topic: Securing IBM MQ


Related information

Last updated: 2020-10-04