npvmq
Posted: Sun Apr 25, 2004 8:36 pm Post subject: Message-level security with Channel exits ??
Novice
Joined: 20 Feb 2004 Posts: 10 Location: US
Hi,
We deal with 3rd parties and we will receive messages from their Qmgrs. We have planned to use SSL to provide link-level security. In addition to that we are also worried about message-level security.
I have gone through the MQ Security manual and it mentions vaguely that Channel exits, in conjunction with the UserID attribute of MQMD, can be used to provide some level of message-level security. Is there any other manual or source where I can get more information about it?
Any advice .....
Thanks,
npvmq

Michael Dag
Posted: Mon Apr 26, 2004 3:19 am Post subject:
Jedi Knight
Joined: 13 Jun 2002 Posts: 2607 Location: The Netherlands (Amsterdam)
What kind of message level security are you looking for?
- partner verification/non repudiation
- message integrity
- message encryption
- etc?
Michael

npvmq
Posted: Mon Apr 26, 2004 5:08 am Post subject:
Novice
Joined: 20 Feb 2004 Posts: 10 Location: US
Hi Michael,
I should say we want to have a higher level of partner identification. We not only want to identify the partner using his UserId field in the MQMD header but also authenticate the user by having him mention his password (encrypted) in the message data.
Once we have his UserId and password we can authenticate that the partner is sending the correct message (not spoofing any other party's message). I am not sure if we can do the above using message exits on the receiver MCA or in our applications after we get the messages.
Thanks,
npvmq

kaching
Posted: Mon Apr 26, 2004 6:03 am Post subject:
Newbie
Joined: 27 Feb 2004 Posts: 4 Location: India
You can have the client pass the userid and password through AgentBuffer as part of the arguments to the exit and cross check the same with what is maintained in database. Your server code can accept or reject the connection based on this.

mqonnet
Posted: Mon Apr 26, 2004 6:31 am Post subject:
Grand Master
Joined: 18 Feb 2002 Posts: 1114 Location: Boston, Ma, Usa.
It looks to me that you want "link-level" security using message exits. Message level security comes into picture only when dealing with the actual message authentications. But in this case, since you want authentication to be performed by the MCA using a message exit, it is a link-level security.
But, yes, you could do what you suggested in a message exit too. But the only problem would be, how would you treat those messages put by unauthorized individuals? You have to be very careful in designing such events. Cannot go and close channels at each such message. At the same time, if you put the message to the DLQ, how would you notify the remote end user that his/her message was not accepted? Maybe generate a COA somehow. Or have the DLQ handler send a response back.
Authentication on a channel is always a critical issue and has to be dealt with appropriately.
As an alternative you could use API exits at the remote end and maybe reply back to the sender with the results.
Just some thoughts, may not be 100% relevant to your needs and design, but may help.
Cheers
Kumar

npvmq
Posted: Mon Apr 26, 2004 6:57 am Post subject:
Novice
Joined: 20 Feb 2004 Posts: 10 Location: US
Hi Kumar,
Message authentication is our priority. If I am understanding it correctly, are you mentioning that I use the message authentication (using User Id and encrypted password) on our receive application where we get the messages ?? So here: If a message is not authenticated, we want to drop it and notify the sender.
This would keep me away from channel stoppage and other problems that I will have to face if I do the above using message exit on the receive side. Is my understanding right ??
Thanks for your comments.
-npvmq

mqonnet
Posted: Mon Apr 26, 2004 7:04 am Post subject:
Grand Master
Joined: 18 Feb 2002 Posts: 1114 Location: Boston, Ma, Usa.
Yes, you got it right.
But again, I am just throwing some options here and not saying that you follow one and not the other. It's purely upon your requirement and needs that you design your system.
If your sole purpose here is to do the message authentication, since you say you already have set up SSL to do the link-level security which would take care of most of the security issues, then it's better to design something on the receiving end rather than on the MCA. Since that would reduce the overhead of taking into consideration of what to do when we have an unauthorized user trying to put message type scenario.
Better to put the message and then verify the message on the receiving end, either in your get app or using an api exit. If the message was put by a non-authorized user, then just reply back saying the message was not processed to the user.
Again, am not saying this is the best solution for this scenario. But just my thoughts.
Cheers
Kumar
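
The receive-side check described in the post above (accept the message, verify it in the get application, reply to the sender when it fails), shown as an added example that is not code from any poster in this thread. It does not call the MQ API: messages are plain dicts whose keys stand in for MQMD fields, the partner table and secrets are constructed, and instead of carrying a password in the message data it uses the partner's shared secret to key an HMAC over the message, which is a substitution made for this example.

```python
import hashlib
import hmac

# Constructed partner table: MQMD UserIdentifier -> shared secret (sample values).
PARTNER_KEYS = {"PARTNERA": b"constructed-secret-A",
                "PARTNERB": b"constructed-secret-B"}


def make_tag(key: bytes, user_id: str, msg_id: bytes, body: bytes) -> str:
    """HMAC-SHA256 over length-prefixed fields so field boundaries cannot shift."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in (user_id.encode(), msg_id, body):
        mac.update(len(field).to_bytes(4, "big") + field)
    return mac.hexdigest()


def check_message(msg: dict, seen_msg_ids: set) -> str:
    """Return 'ok' or the local-only reason the message failed authentication."""
    key = PARTNER_KEYS.get(msg["user_id"])
    if key is None:
        return "unknown partner"
    expected = make_tag(key, msg["user_id"], msg["msg_id"], msg["body"])
    # Constant-time comparison; a missing tag compares unequal.
    if not hmac.compare_digest(expected, msg.get("tag", "")):
        return "bad tag"
    if msg["msg_id"] in seen_msg_ids:
        return "replayed message"
    seen_msg_ids.add(msg["msg_id"])
    return "ok"


def handle(msg: dict, seen_msg_ids: set, audit_log: list) -> dict:
    """Deliver an authenticated message, else drop it and build a reply for the sender."""
    verdict = check_message(msg, seen_msg_ids)
    if verdict == "ok":
        return {"action": "deliver", "body": msg["body"]}
    # The detailed reason stays in the local audit log; the sender gets a generic text.
    audit_log.append((msg["user_id"], msg["msg_id"].hex(), verdict))
    return {"action": "reply", "queue": msg["reply_to_q"],
            "correl_id": msg["msg_id"], "text": "message was not processed"}
```

Because the rejection is an ordinary reply message, the channel stays running and nothing lands on the DLQ for a failed check.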