The differences between well-designed security and poorly designed security are not always readily apparent. Poorly designed systems give the appearance of being secure but can over-authorize users or allow access to non-users in subtle ways. The problem is that poorly designed security gives a false sense of confidence. In some ways, it is better to knowingly have no security than to have inadequate security believing it to be stronger than it actually is. But how do you tell the difference? Although it is not rocket science, designing and implementing strong security requires strong foundational skills, some examples to build on, and the capacity to devise new solutions in response to novel challenges. This IBM® Redbooks® publication addresses itself to the first two of these requirements. This book is intended primarily for security specialists and IBM WebSphere® MQ administrators that are responsible for securing WebSphere MQ networks but other stakeholders should find the information useful as well.
Chapters 1 through 6 provide a foundational background for WebSphere MQ security. These chapters take a holistic approach positioning WebSphere MQ in the context of a larger system of security controls including those of adjacent platforms' technologies as well as human processes. This approach seeks to eliminate the simplistic model of security as an island, replacing it instead with the model of security as an interconnected and living system. The intended audience for these chapters includes all stakeholders in the messaging system from architects and designers to developers and operations.
Chapters 7 and 8 provide technical background to assist in preparing and configuring the scenarios and chapters 9 through 14 are the scenarios themselves. These chapters provide fully realized example configurations. One of the requirements for any scenario to be included was that it must first
be successfully implemented in the team's lab environment. In addition, the advice provided is the cumulative result of years of participation in the online community by the authors and reflect real-world practices adapted for the latest security features in WebSphere MQ V7.1 and WebSphere MQ V7.5. Although these chapters are written with WebSphere MQ administrators in mind, developers, project leaders, operations staff, and architects are all stakeholders who will find the configurations and topologies described here useful.
The third requirement mentioned in the opening paragraph was the capacity to devise new solutions in response to novel challenges. The only constant in the security field is that the technology is always changing. Although this book provides some configurations in a checklist format, these should be considered a snapshot at a point in time. It will be up to you as the security designer and implementor to stay current with security news for the products you work with and integrate fixes, patches, or new solutions as the state of the art evolves.
Table of contents
Chapter 1. Introduction
Chapter 2. What is security
Chapter 3. Authentication and authorization
Chapter 4. Connection-level security
Chapter 5. Message-level security
Chapter 6. WebSphere MQ security controls
Chapter 7. Operating system specifics
Chapter 8. Scenario preparation
Chapter 9. Scenario: WebSphere MQ administration
Chapter 10. Scenario: Securing IBM WebSphere MQ connections to connect a business partner
Chapter 11. Scenario: Fine-grained cluster security
Chapter 12. Scenario: CRL/OCSP certificate revocation
Chapter 13. Scenario: End-to-end security using WebSphere MQ AMS
Chapter 14. Scenario: WebSphere MQ AMS revocation checking
Appendix A. Working with the itsoME message exit
Appendix B. Additional tooling for WebSphere MQ Internet pass-thru
Appendix C. Certificate administration techniques and special WebSphere MQ security checks
Appendix D. Additional material