Confidentiality

 

The application data in a message can be encrypted by an API exit when the message is put by the sending application and decrypted by a second API exit when the message is retrieved by the receiving application.

For performance reasons, a symmetric key algorithm is normally used for this purpose. However, at the application level, where many users might be sending messages to each other, the problem is how to ensure that only the intended receiver of a message is able to decrypt the message. One solution is to use a different symmetric key for each pair of users that send messages to each other. But this solution might be difficult and time consuming to administer, particularly if the users belong to different organizations. A standard way of solving this problem is known as digital enveloping and uses PKI technology.

When an application puts a message on a queue, an API exit generates a random symmetric key and uses the key to encrypt the application data in the message. The API exit encrypts the symmetric key with the public key of the intended receiver. It then replaces the application data in the message with the encrypted application data and the encrypted symmetric key. In this way, only the intended receiver can decrypt the symmetric key and therefore the application data. If an encrypted message has more than one possible intended receiver, the API exit can encrypt a copy of the symmetric key for each intended receiver.

If different algorithms for encrypting and decrypting the application data are available for use, the API exit can include the name of the algorithm it has used.

 

Parent topic:

The role of the API exit and the API-crossing exit in security


sy11510_