ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Java / JMS » MQ Security

Post new topic  Reply to topic
 MQ Security « View previous topic :: View next topic » 
Author Message
pmane
PostPosted: Tue Oct 30, 2001 10:57 pm    Post subject: Reply with quote

Acolyte

Joined: 17 Oct 2001
Posts: 50

1. I am working on MQ 5.2 for Solaris. I understand that MQ dose not provide any security on its own . I will need a DCE 3.1 for doing same. DCE provides authentication for the MQ users . Dose any one know any thing else other than DCE which can provide me with server to server authentication with out using DCE ?
2. Can I download DCE 3.1 for Solaris ? Where is the link for the same ?
3. Is MQ secure enough to be used in financial applications ?
4. Which encryption algos are used by the user exists supplied with DCE ? If I want to write my own user exist in Java in binding mode can I do that ?

Back to top
View user's profile Send private message
middlewareonline
PostPosted: Wed Oct 31, 2001 9:09 am    Post subject: Reply with quote

Acolyte

Joined: 09 Jul 2001
Posts: 73

1. I am working on MQ 5.2 for Solaris. I understand that MQ dose not provide any security on its own . I will need a DCE 3.1 for doing same. DCE provides authentication for the MQ users . Dose any one know any thing else other than DCE which can provide me with server to server authentication with out using DCE ?

You could write your own stuff in Security Exits.

2. Can I download DCE 3.1 for Solaris ? Where is the link for the same ?

You may have to buy it. It is NOT free.

3. Is MQ secure enough to be used in financial applications ?

Depends what the requirements are. Not all the Financial institutions are alike.

4. Which encryption algos are used by the user exists supplied with DCE ? If I want to write my own user exist in Java in binding mode can I do that ?

Yes you can. Buy RSA kit to do whatever others are doing on your own. Or I can do it for you .....

Chris
MiddlewareOnline.COM
Back to top
View user's profile Send private message Visit poster's website
pmane
PostPosted: Wed Oct 31, 2001 6:38 pm    Post subject: Reply with quote

Acolyte

Joined: 17 Oct 2001
Posts: 50

Thanks for your reply. But can you please make few more things clear .

1.Security exits are for encryption . I want something for user authentication. And I would like it to be more secure than simple static password verification. Can I make use of digital certificates to identify the server ?What I understand is DCE is some thing close to what I want but am not sure if any other product exists ?

2.I understand that DCE 3.1 will cost me some thing , but what I do not understand is can I get a trail download on IBM web-site ? I have searched for it and I am not able to get one . All I get is Fix’s for the same.

3.My financial application is doing funds transfer via MQ messages on internet (with Ipsec) . My only worry is any one can request the funds transfer if he is having valid information of the system.

4.I understand that I can use RSA BSAFE Crypto J , what I am not clear is how much DCE will do ? I need 3DES or RC4 128 bits . I am not getting any documentation which mentions that this is possible with DCE.


Back to top
View user's profile Send private message
kolban
PostPosted: Wed Oct 31, 2001 7:00 pm    Post subject: Reply with quote

Grand Master

Joined: 22 May 2001
Posts: 1072
Location: Fort Worth, TX, USA

You said:

1.Security exits are for encryption . I want something for user authentication. And I would like it to be more secure than simple static password verification. Can I make use of digital certificates to identify the server ?What I understand is DCE is some thing close to what I want but am not sure if any other product exists ?


The security exits can be used in many, many ways. This includes full function authorization using an exchange of information between the requestor and the receiver. Security exits are rarely used for encryption, almost always for authentication services.

For example, an incoming channel connect request arrives, this could trigger the receivers security exit which asks the requestor for more information which it supplies ... this can go back and forth until both parties have mutually authenticated themselves to each other.
Back to top
View user's profile Send private message
middlewareonline
PostPosted: Thu Nov 01, 2001 11:04 am    Post subject: Reply with quote

Acolyte

Joined: 09 Jul 2001
Posts: 73

1. Kolban has answered that
2. You should ask IBM to give you a freebee ( I doubt, but again it's IBM)
3. If your application is doing fund transfer over the internet, I think you are looking for more than DCE. You are looking for Certificates, Cookies, Https Tunneling ( DCE won't give you this).

4. As I said, RSA provides 128 bit all sort of cool encryption including digital certificates.

MiddlewareOnline.COM
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » IBM MQ Java / JMS » MQ Security
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.