Multicast security
Use this information to understand why security processes might be needed with IBM MQ Multicast.
IBM MQ Multicast does not have in-built security. Security checks are handled in the queue manager at MQOPEN time and the MQMD field setting is handled by the client. Some applications in the network might not be IBM MQ applications (For example, LLM applications, see Multicast interoperability with IBM MQ Low Latency Messaging for more information), therefore you might need to implement your own security procedures because receiving applications cannot be certain of the validity of context fields.
There are three security processes to consider:
- Access control
-
Access control in IBM MQ is based on user IDs. For more information on this subject, see Access control for clients.
- Network security
- An isolated network might be a viable security option to prevent fake messages. It is possible for an application on the multicast group address to publish malicious messages using native communication functions, which are indistinguishable from MQ messages because they come from an application on the same multicast group address.
It is also possible for a client on the multicast group address to receive messages that were intended for other clients on the same multicast group address.
Isolating the multicast network ensures that only valid clients and applications have access. This security precaution can prevent malicious messages from coming in, and confidential information from going out.
For information about multicast group network addresses, see: Set the appropriate network for multicast traffic
- Digital signatures
- A digital signature is formed by encrypting a representation of a message. The encryption uses the private key of the signatory and, for efficiency, usually operates on a message digest rather than the message itself. Digitally signing a message before an MQPUT is a good security precaution, but this process might have a detrimental effect on performance if there is a large volume of messages.
Digital signatures vary with the data being signed. If two different messages are signed digitally by the same entity, the two signatures differ, but both signatures can be verified with the same public key, that is, the public key of the entity that signed the messages.
As mentioned previously in this section, it might be possible for an application on the multicast group address to publish malicious messages using native communication functions, which are indistinguishable from MQ messages. Digital signatures provide proof of origin, and only the sender knows the private key, which provides strong evidence that the sender is the originator of the message.
For more information on this subject, see Cryptographic concepts.
Parent topic: Plan security by topology