Hey there MQ people,

we recently had a discussion about security. I have browsed the documenation but I was unable to find a definitive answer.

Are messages, which are stored in so called queue data files (?) encrypted? Especially in a scenario e.g.

Persistent messages put into a queue, the queuemanager bounces or has a scheduled maintenance, are the stored messages encrypted?

Kind regards

Hi Sebastian,

They are if you tell MQ that is what you want. You may have heard of a feature called Advanced Message Security (AMS). If this feature is used, then message data is encrypted before it leaves the putting application process, and thus remains encrypted when in queue manager buffers, in queue data files, and everywhere in between until the message reaches an authorised getting application process, and at that point it is decrypted. Even if the queue manager is stopped and restarted.

To read more about AMS, this is a good starting point in IBM Docs:-

• Advanced Message Security

Hope that helps.

Cheers,
Morag

Hey there MQ people,

we recently had a discussion about security. I have browsed the documenation but I was unable to find a definitive answer.

Are messages, which are stored in so called queue data files (?) encrypted? Especially in a scenario e.g.

Persistent messages put into a queue, the queuemanager bounces or has a scheduled maintenance, are the stored messages encrypted?

Kind regards

Hey Morag,

thank you for the quick reply, that seems to be exactly what I was looking for. I'll install it and play around.

Do you, by chance, have any performance reports or presentations that cover that aspect?

Hi Sebastian,

They are if you tell MQ that is what you want. You may have heard of a feature called Advanced Message Security (AMS). If this feature is used, then message data is encrypted before it leaves the putting application process, and thus remains encrypted when in queue manager buffers, in queue data files, and everywhere in between until the message reaches an authorised getting application process, and at that point it is decrypted. Even if the queue manager is stopped and restarted.

To read more about AMS, this is a good starting point in IBM Docs:-

• Advanced Message Security

Hope that helps.

Cheers,
Morag

Hey there MQ people,

we recently had a discussion about security. I have browsed the documenation but I was unable to find a definitive answer.

Are messages, which are stored in so called queue data files (?) encrypted? Especially in a scenario e.g.

Persistent messages put into a queue, the queuemanager bounces or has a scheduled maintenance, are the stored messages encrypted?

Kind regards

An IBM Official performance report for some of AMS, specifically the new Confidentially policy can be read here. That particular policy was designed for people who were put off by the cost of the gold standard, single use encryption keys. It will certainly give you a flavour as it does show the costs of each of the different policy types.

Cheers,
Morag

Hey Morag,

thank you for the quick reply, that seems to be exactly what I was looking for. I'll install it and play around.

Do you, by chance, have any performance reports or presentations that cover that aspect?

Hi Sebastian,

They are if you tell MQ that is what you want. You may have heard of a feature called Advanced Message Security (AMS). If this feature is used, then message data is encrypted before it leaves the putting application process, and thus remains encrypted when in queue manager buffers, in queue data files, and everywhere in between until the message reaches an authorised getting application process, and at that point it is decrypted. Even if the queue manager is stopped and restarted.

To read more about AMS, this is a good starting point in IBM Docs:-

• Advanced Message Security

Hope that helps.

Cheers,
Morag

Hey there MQ people,

we recently had a discussion about security. I have browsed the documenation but I was unable to find a definitive answer.

Are messages, which are stored in so called queue data files (?) encrypted? Especially in a scenario e.g.

Persistent messages put into a queue, the queuemanager bounces or has a scheduled maintenance, are the stored messages encrypted?

Kind regards

Hey there MQ people,

we recently had a discussion about security. I have browsed the documenation but I was unable to find a definitive answer.

Are messages, which are stored in so called queue data files (?) encrypted? Especially in a scenario e.g.

Persistent messages put into a queue, the queuemanager bounces or has a scheduled maintenance, are the stored messages encrypted?

Kind regards

Hey there MQ people,

we recently had a discussion about security. I have browsed the documenation but I was unable to find a definitive answer.

Are messages, which are stored in so called queue data files (?) encrypted? Especially in a scenario e.g.

Persistent messages put into a queue, the queuemanager bounces or has a scheduled maintenance, are the stored messages encrypted?

Kind regards