Security overview

When you are designing an IBM® Integration Bus application it is important to consider the security measures that are needed to protect the information in the system.

An important aspect of securing an enterprise system is the ability to protect the information that is passed from third parties. This capability includes restricting access to WebSphere® MQ and JMS queues. For information about the steps involved, refer to the documentation supplied by your transport provider. If you are using HTTPS, you need to set specific properties in the HTTP nodes. For information about this option, see HTTPInput node, HTTPRequest node, and HTTPReply node.

In addition to securing the transport, you can secure individual messages based on their identity. For more information about securing messages in a message flow, see Message flow security.

Some security configuration is required to enable IBM Integration Bus to work correctly and to protect the information in the system. For example, you can secure the messaging transport with SSL connections, restrict access to queues, apply WS-Security to web services, and secure access to message flows.

In addition, system administrators need IBM Integration Bus authorities that allow them to perform customization and configuration tasks, run utilities, perform problem determination, and collect diagnostic materials. For more information, see Authorizing users for administration

There are also several aspects of security to consider when you are setting up integration nodes running on Windows, Linux®, z/OS®, or UNIX platforms. For more information, see Integration node security.

System administrators can control users' access to integration node resources through the web user interface and REST API. Users can be assigned to roles, which have security permissions assigned to them. For more information about roles and web security, see Role-based security and Managing web user accounts.