
WebSphere MQ Security in an Enterprise Environment

Cross-platform security
Secure Sockets Layer
Message security

Saida Davies
Peter Rhys-Jenkins
Hazel Fix
Mayumi Kawashima
John Scanlan
Steven Lane

ibm.com/redbooks

International Technical Support Organization
May 2003
SG24-6814-00

First Edition (May 2003)
This edition applies to Version 3, Release 5, Modification 0 of WebSphere MQ.

© Copyright International Business Machines Corporation 2003. All rights reserved.
Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents

Notices
  Trademarks
Preface
  The team that wrote this redbook
  Become a published author
  Comments welcome

Part 1. Enterprise security

Chapter 1. Project overview
  1.1 Security is a process
  1.2 Complexity
  1.3 Some notes on terminology
    1.3.1 Product names
    1.3.2 Security terminology
  1.4 Public key infrastructure (PKI)

Chapter 2. Planning
  2.1 Planning methodology
    2.1.1 Life cycle models
    2.1.2 Security engineering
  2.2 Perception
    2.2.1 The definition of security
    2.2.2 Myth 1: Security is a product
    2.2.3 Myth 2: Security can be implemented without much planning
    2.2.4 Myth 3: Security solutions can be considered in isolation
    2.2.5 Myth 4: Security is a combination of protection methods only
  2.3 Assets
  2.4 Threat assessment
    2.4.1 Threats against WebSphere MQ in an enterprise
    2.4.2 Threat modeling
  2.5 Risk assessment
    2.5.1 Assessing loss expectancy
    2.5.2 Other risk assessment methods
  2.6 Policy development
    2.6.1 Creating a security policy
    2.6.2 Anatomy of a security policy
    2.6.3 References for security policies and standards definitions
  2.7 Policy implementation
    2.7.1 What is a policy implementation document?
    2.7.2 Elements of a policy implementation document

Chapter 3. Security technologies
  3.1 Getting certificates
  3.2 Submit a request for a certificate
    3.2.1 Using the HTTP server solution (iKeyman)
    3.2.2 Using a CA in test mode
    3.2.3 Using Microsoft Windows 2000 certificate services
    3.2.4 Using OpenSSL
    3.2.5 Using Digital Certificate Manager (DCM)
    3.2.6 Using RACF
  3.3 Cryptographic co-processors
  3.4 Algorithms
    3.4.1 CipherSuites and CipherSpecs
    3.4.2 HASH and MAC
    3.4.3 Symmetric key encryption algorithms
  3.5 Lightweight directory access protocol (LDAP)
    3.5.1 Differences between directories and databases
  3.6 KEYs and passwords
    3.6.1 Password strength
  3.7 SSL setup for WebSphere MQ
  3.8 Planning for SSL
  3.9 Preparing certificates
    3.9.1 Key repository
    3.9.2 Defining the certificate type for your system

Chapter 4. Platform security
  4.1 z/OS security
    4.1.1 Overview of z/OS security
    4.1.2 z/OS Security Server
    4.1.3 Resource access control facility (RACF)
  4.2 OS/400 security
    4.2.1 Object security
    4.2.2 System security
    4.2.3 Physical security
    4.2.4 Further reference
  4.3 AIX security
    4.3.1 User management and authorization
    4.3.2 Network security
    4.3.3 Trusted computing base (TCB)
    4.3.4 Further reference
  4.4 Windows 2000 security
    4.4.1 Local logon process
    4.4.2 Active directory
    4.4.3 Network authentication
    4.4.4 Group policies
    4.4.5 Access control
    4.4.6 NTFS and the encrypted file system
    4.4.7 Public key infrastructure and certificate services
    4.4.8 Auditing
  4.5 WebSphere MQ security for z/OS
    4.5.1 Overview
...

Details
File type: pdf
Content language: English
File pages: 446