Overview of Advanced Message Security interception on message channels
On z/OS®, Advanced Message Security (AMS) interception enhances the existing offering by adding an additional option of security policy protection (SPLPROT) to sender, server, receiver, and requester channels.
Currently, using the example of a clearing house communicating with a bank, both sides of the
system need to support AMS, as shown in Figure 1.
A key benefit of the additional option is, that if your enterprise has AMS configured, and not all of your business partners support AMS, you can remove protection from outbound messages and protect inbound messages on channels to and from those business partners that do not support AMS.
Using the example of a clearing house and banks, this scenario is shown in Figure 2, where there is a message flow between the
clearing house, banks, and business partners where some institutions have AMS, and others do not.
Typically the channels are TLS enabled.
However, there might be a case where some banks and business partners do not support AMS, and there is a requirement to be able to exchange
messages between all banks and business partners. This scenario is shown in Figure 3