MQ Technical Conference. September 2018. Powerpoint.
“MQ Security: A Holistic Approach“ (46 slides).
This Conference presentation first provides an overview of essential security concepts: Entities, Identities, Authentication, Authorization, and Audit. The presentation then goes on to describe how these concepts map to MQ features. MQ security capabilities covered include SSL/TLS processing, Connection Authentication, Channel Authentication, Object Access Manager (OAM), Security Exits, Advanced Message Security (AMS), Event Queues, and Logs. All MQ capabilities discussed are mapped back to the essential security concepts that they support.
The available MQ security features are then described in the context of both local Applications (Server Bindings) and Client Connections using TCP/IP (Client Bindings). Finally, this presentation places MQ security within a larger context. Additional MQ issues impacting security (Clustering, Triggering, and Command Server) are covered. Finally, external security issues such as physical security, enterprise Single Sign-On (SSO), Operating System and file system security, are mentioned to define the context within which MQ security exits.
This presentation is designed to provide an overview of MQ security and to create a framework in which the individual MQ security features can be analyzed and implemented. Each of the individual security features covered could be, and already have been, individual presentations in their own right. By the end of the presentation, the viewer should have a basic understanding of security concepts, the MQ features available to implement those concepts, and the way in which the various features can be configured to implement the required security.