2. 2014 2014 IBM Corporatio InB M CorporationPlease NoteIBMs
statements regarding its plans, directions, and intent are subject
to change or withdrawal withoutnotice at IBMs sole discretion.
Information regarding potential future products is intended to
outline ourgeneral product direction and it should not be relied on
in making a purchasing decision.The information mentioned regarding
potential future products is not a commitment, promise, or
legalobligation to deliver any material, code or functionality.
Information about potential future products maynot be incorporated
into any contract. The development, release, and timing of any
future features orfunctionality described for our products remains
at our sole discretionPerformance is based on measurements and
projections using standard IBM benchmarks in a
controlledenvironment. The actual throughput or performance that
any user will experience will vary dependingupon many factors,
including considerations such as the amount of multiprogramming in
the users jobstream, the I/O configuration, the storage
configuration, and the workload processed. Therefore, noassurance
can be given that an individual user will achieve results similar
to those stated here.
3. AbstractT his session will look at how security facilities
areprovided on WebSphere MQ for z/OS, including a lookat what
security is available, how it is activated/deactivated, what types
of resources can be protectedand an insight as to how WebSphere MQ
for z/OSdetermines which userids it uses for the checks
itperforms.
4. Security OverviewControlling Security for WebSphere MQ for
z/OSAccess ControlAdministrationSummaryAgenda
5. Security OverviewControlling Security for WebSphere MQ for
z/OSAccess ControlAdministrationSummaryAgenda
6. Security OverviewWhat are we trying to
achieve?Identification:- Being able to Identify uniquely a user of
a system or anapplication that is running in the
system.Authentication:- Being able to prove that a user or
application isgenuinely who that person or what that application
claims to be.Access Control:- Protects critical resources in a
system by limitingaccess only to authorised users and their
applications. It preventsunauthorised use of a resource or the use
of a resource in anunauthorised manner.Auditing:- Tracking who has
done what to what and when
7. Security OverviewConfidentiality:- Protects sensitive
information from unauthoriseddisclosure.Data Integrity:- Detects
whether there has been unauthorisedmodification of data. There are
two ways in which this canoccur,accidentally, through hardware or
transmission errors, or bydeliberate attack.'Non-Repudiation':- The
goal is usually to prove that a particularmessage is associated
with a particular individual.
8. WebSphere MQ for z/OS (non Queue Sharinggroups)z/OS z/OSIMS
CICS IMS
CICSBatchAPPLBatchAPPLIMSAPPLCICSAPPLCICSAPPLIMSAPPLQueueManager
AQueueManager BMOVERMOVERA1 A2B2B1links to other MQ systems
9. WebSphere MQ for z/OS Queue Sharing GroupsQSG
IMSmovermovermoverSQM1SQM2SQM3localpagesetslocalpagesetslocallogslocallogslocallogslocalpagesetsCICSBATCHmoverLQM1locallogsz/OSlocalpagesetsDB2MQCFSQ1MQ
10. Security Overview SAF to provide choice of External
Security Manager- RACF, ACF2, Top Secret, ...- WebSphere MQ has a
set of classes to hold profiles- Profiles provide access control
capabilities Features depend upon profiles used- z/OS control is
more granular than other systems Activate classes, and allow
generic profilesWebSphere
MQWebSphereMQPROFILESWebSphereMQPROFILESExternal Security
ManagerSAF- SETROPTS CLASSACT(...)- SETROPTS GENERIC(...)
12. Security Overview - continued...WebSphere MQ mixed case
RACF ClassesMXADMIN - Switch profiles, Command resource,Context and
Alternate User profilesMXQUEUE - Queue profilesMXPROC - Process
profilesMXNLIST - Namelist profilesMXTOPIC - Topic profilesNote:
There are no MX... versions of the MQCONN andMQCMDS classes
13. Security OverviewControlling Security for WebSphere MQ for
z/OSAccess ControlAdministrationSummaryAgenda
14. Controlling Security RACF Classes High Level Qualifiers
Shared Queue Manager Environment Security Switches- Switch
profiles- Options available under Queue Sharing Groups Queue
Sharing Group rules
15. Controlling Security - RACF ClassesWhat determines which
classes are used? Queue manager attributeSCYCASEThis can be set to
eitherUPPER - the default on migration and on a new Qmgr, thisuses
the MQ...versions of the classes (plus MXTOPIC)MIXED - this uses
the MX...versions of the classesMQ... and MX... classes are
mutually exclusive except forMXTOPIC can be used whether
SCYCASE(UPPER) orSCYCASE(MIXED) is specified as there is no
MQ...version !
16. Controlling Security - RACF ClassesWhat can be mixed case
in an MX... class ? the 'resourcename' part of a profile in one of
the
followingclassesMXADMINhlq.CONTEXT.resourcenamehlq.QUEUE.resourcenameMXPROC,
MXNLIST and
MXQUEUEhlq.resourcenameMXTOPIChlq.SUBSCRIBE.resourcenamehlq.PUBLISH.resourcename
17. Controlling Security - RACF ClassesHow do you change the
classes you are using? the Queue manager attributeSCYCASEThis can
be set to eitherUPPER - the default on migration and on a new Qmgr,
thisuses the MQ...versions of the classes (plus MXTOPIC)MIXED -
this uses the MX...versions of the classes issue a REFRESH SECURITY
command ( more later )BUT first :-Ensure you have all the RACF
profiles defined that you need inthe appropriate classes
18. Controlling Security - High Level QualifiersQueue Manager
qualified profilesQueue Manager profiles use the queue manager name
as the highlevel qualifier for example:- qmgr.profile.name and
their scope islimited to the named Qmgr.Queue Sharing Group
qualified profilesQueue sharing group profiles will use the queue
sharing group id astheir high level qualifier instead of a queue
manager name forexample: - qsg.profile.name and their scope is the
named QueueSharing Group.
19. Controlling Security - Shared Queue Manager Environment DB2
Setting up Resources in DB2 Connection to DB2 Access to DB2
resources Coupling Facility Setting up the Coupling Facility Access
to the Coupling Facility Queue Sharing Groups (QSG) Setting up
QSG's Joining a QSG
20. Controlling Security - Switch ProfilesGranular control of
securitycheckingSubsystem securityhlq.NO.SUBSYS.SECURITYQmgr or QSG
Securityhlq.NO.QMGR.CHECKShlq.NO.QSG.CHECKSIn QSG also have 'YES'
switchprofilesssid.YES.typeThese profiles are only used if youhave
chosen to have both Qmgr andQSG checking active and need tooverride
a Qsg level profile on agiven Qmgr.The hlq on these profiles is
always'ssid' - in other words the qmgr ID** You cannot set both
QMGR & QSG to OFF together - if you try this you will getboth
Qmgr and Qsg security activated **
21. Controlling Security - Switch ProfilesConnection
Securityhlq.NO.CONNECT.CHECKSMQ Command
Securityhlq.NO.CMD.CHECKShlq.NO.CMD.RESC.CHECKSMQ API
Securityhlq.NO.QUEUE.CHECKShlq.NO.PROCESS.CHECKShlq.NO.NLIST.CHECKShlq.NO.CONTEXT.CHECKShlq.NO.ALTERNATE.USER.CHECKShlq.NO.TOPIC.CHECKSAll
defined in the MQADMIN class or MXADMIN classAll switch profiles
are uppercase regardless of class
22. Controlling Security - Security Switch
optionsQMGRLocalQMGR?SharedQMGR?QmgronlyQMGRonly?QSGonly?QMGR&
QSG? Not QSG ssid only Queue Sharing Group Up to three profiles
looked for when checking for:Subsystem securityQueue Manager
securityQSG security
23. Controlling Security - Security Switch optionsQmgrlocal
sharedqmgr
qmgrssid.NO.SUBSYS.SECURITYqsg.NO.SUBSYS.SECURITYssid.YES.SUBSYS.SECURITYnot
foundnot foundfoundfoundset Subsys securityOFF on this qmgrfound
not foundssid.NO.SUBSYS.SECURITYfound not foundSet Subsyssecurity
OFFon this qmgrset Subsyssecurity ONon this qmgrset Subsyssecurity
OFFon this qmgrset subsyssecurity ONon this qmgrset Subsys
securityONon this qmgr123
24. Controlling Security - Security Switch optionsShared Queue
Environmentsubsysssid.NO.QMGR.CHECKSqsg.NO.QMGR.CHECKSset
QMGRsecurity OFFon this qmgrssid.YES.QMGR.CHECKSnot foundnot
foundfoundfoundfound not foundset QMGRsecurity OFFon this qmgrset
QMGRsecurity ONon this qmgrset QMGRsecurity ONon this qmgrON
456
25. Controlling Security - Switch OptionsShared Queue
Environmentsubsysssid.NO.QSG.CHECKSqsg.NO.QSG.CHECKSset QSG
securityOFF on this qmgrssid.YES.QSG.CHECKSnot foundnot
foundfoundfoundfound not foundset QSG securityOFF on this qmgrset
QSG securityON on this qmgrset QSG securityON on this qmgrON
789
26. Controlling Security - Queue Sharing GroupsRules default is
check ssid profiles before qsg profiles ssid.YES switch profiles
override qsg.NO switch profiles QMGR checks switch ON / QSG checks
switch OFF means ONLY profiles with ahlq of ssid will be used QSG
checks switch ON / QMGR checks switch OFF means ONLY profiles with
hlqof qsg will be used You cannot set security OFF by setting both
QMGR & QSG checking OFF together -it will default both ON Once
the QMGR and QSG switches have been determined then the
remainingswitch profiles are checked following the QMGR/QSG rules
Once the Shared Queue Manager is up and running all security checks
aregoverned by the setting of the individual switch for that type
of security and theQMGR/QSG switch state If both QMGR and QSG
switches are ON then a hlq of ssid will be used first and ifnot
found then a hlq a qsg will be used on the security check
27. Security OverviewControlling Security for WebSphere MQ for
z/OSAccess ControlAdministrationSummaryAgenda
28. Access Control Connection Security Reslevel Security API
security covering profiles and userids checked Link Level
Security
29. Access Control - Connection security Profiles are held in
the MQCONN class One profile per adapter
typehlq.BATCHhlq.CICShlq.IMShlq.CHINConnection type Userid
usedBatch The TSO Userid READ access required by adapter Connection
profiles are always uppercaseThe Userid assigned to the batch job
via the USER JCL parmThe Userid assigned to the started task by the
STARTED class orthe started procedures tableCICS The CICS address
space UseridIMS The IMS region UseridChannel Initiator The Channel
Initiator address space Userid
30. Access Control - RESLEVEL ProfileSingle profile per Queue
Manager or Queue Sharing Group inthe MQADMIN class or MXADMIN class
and looks likehlq.RESLEVELControls the number of userids used for
access control onMQ API Resource SecurityExecuting userids access
to RESLEVEL profile determinesthe number of userids - last for the
life of that connectionThe RESLEVEL profile is always
uppercase
31. Access Control - MQ API SecurityAccess to ResourcesThis can
be controlled by more than one profile and caninvolve several
security checks depending on the set up.Profiles used for Resource
security checking are held inthe following classesMQPROC or MXPROC
- ProcessesMQNLIST or MXNLIST - NamelistsMQQUEUE or MXQUEUE -
QueuesMQADMIN or MXADMIN - Context and Alternate UseridsMXTOPIC -
Topics
32. Access control - MQ API SecurityProcesses and Namelists
Security - are opened for inquiry onlyMQPROC or MXPROC class -
profiles look likehlq.processnameREAD access required by
userid(s)In the MXPROC class 'processname' can be mixed caseMQNLIST
or MXNLIST class- profiles look likehlq.namelistnameREAD access
required by userid(s)In the MXNLIST class 'namelistname' can be
mixed case
33. Access Control - MQ API SecurityQueue SecurityProfiles are
held in the MQQUEUE or MXQUEUE class andlook likehlq.resourcenameIn
the MXQUEUE class 'resourcename' can be mixed caseA profile can
protect a single Local queue on a local Qmgr several Local queues
of the same name on differentShared qmgrs in a QSG a single Shared
queue in a QSGa remote qmgr for fully qualified Remote Queuesexcept
cluster queues !
34. Access Control - MQ API Security - Queues Access required
to the profile is dependent upon theMQOPEN, MQPUT1, or MQSUB
optionsOption Access requiredInquire, browse READSet ALTERAll
others (including allUPDATEcontext options)DEFINE SUB command can
cause a security check against a queue totake placeAccess
granularity on z/OS is different to that on distributedplatforms,
it is not as granular.MQGET has the same access as MQPUT, so if you
need to distinguishbetween 'putters' and 'getters' you can use
alias queues to do this.
35. Access Control - MQ API Security - QueuesQueues that may
required additional considerationDynamic queuesMQOPEN for dynamic
queues require access to multipleprofiles Model queue profile and
Dynamic queue profileMQCLOSE checking for permanent dynamic
queuesAlias QueuesAlias queues that resolve to topics are different
to Aliasqueues that resolve to queuesDead Letter QueuesSystem
QueuesRemote QueuesManaged QueuesNo security checks
36. Access Control - MQ API Security - TopicsTopic
SecurityProfiles are held in the MXTOPIC class and look
likehlq.SUBSCRIBE.resourcenamehlq.PUBLISH.resourcenameIn the
MXTOPIC class 'resourcename' can be mixed caseChecks take placeWhen
an application Subscribes or Publishes to a Topic using anMQSUB,
MQOPEN or MQPUT1When an application close removes a subscription
using anMQCLOSE
37. Access Control - MQ API Security - TopicsAccess required to
the profile is dependent upon theMQSUB options:-Option Access
requiredResume READCreate or Alter ALTERNearest parent Topic object
resource that has securityassociated with it that is checkedmay
involve more than one check, depends on the structureof the topic
tree
38. Access control - MQ API SecurityMQADMIN or MXADMIN class -
the profiles look likehlq.CONTEXT.queuenameControls access to MQMD
context fieldsAccess required to profile is dependent upon which
contextoptions are requested on the MQOPEN or MQPUT1 callDetermines
if the MQSD context fields are used on MQSUBIn MXADMIN 'queuename'
can be mixed casehlq.ALTERNATE.USER.alternateuseridControls the use
of an alternate useridTo use an alternate userid you need UPDATE
access toappropriate profile. You should have one profile per
QueueManager or Qsg per alternate useridIn MXADMIN alternate userid
profiles are always uppercase
39. Access Control - API Security - UseridsAll API access
control is userid based and Userids areenvironment dependentBatch -
Job UseridCICS - Address space userid, Transaction useridIMS -
Address space userid, 'Second' useridMover - Channel Userid, MCA
UseridIGQ - Intra-group Queuing Userid, Sending Queue
ManagerUseridAll have the possibility of using an Alternate Userid
toothe userid from the MQMD UserIdentifier field of the messagethe
userid from the MQSD AlternateUserid field on an
MQSUBrequestRESLEVEL profile controls number of userids
checked
40. How to read User ID Tables1 check 2 checksProfile
namessid.ALTERNATE.USER.alternateuserids---sid.CONTEXT.queuenamessid.resourcename
ID1ID1+ID2ID1+ID2ID1---Question to choose1 checkKey:NO
YESID1ID1ID1ID1+ID2ID1+ID2ID1+ALTcolumn1Alternate Userid specified
on Open or Sub?2 checks2RESLEVEL todeterminenumber ofchecksRACF
access level Level of checkingNONE Check two useridsREAD Check one
useridUPDATE Check one useridCONTROL No CheckALTER No CheckKey
details actual userIDs 3
41. Access Control - Userids - Channel SecurityChoice dependant
on PUTAUT (DEF|CTX|ONLYMCA|ALTMCA)MCA User ID(MCA)The userid
specified for the MCAUSER channel attribute at the receiver,
ifblank , the channel initiator address space userid of the
receiver or requesterside. Can also be set by CHLAUTH
records.Channel user ID (CHL)Receiving channel using TCP/IPUserid
of the channel Initiator address space of the receiver or requester
end if PUTAUTparameter set to DEF or CTX.Receiving channel using
APPC(LU6.2)Requester/server channels - started from the requester,
userid of the Channel Initiatoraddress space of the receiver or
requester end is usedOther channel types - the userid received from
the communications system is used. If aUserid received is blank ,
or no userid is received then a channel userid of blank is
used.
42. Access Control - Userids - Channel Security Channel user ID
(CHL) cont. MCA Userid of the receiver or requester is used if
PUTAUT set toONLYMCA or ALTMCA. SSL derived Userid if SSL is set on
channel Alternate User ID (ALT) The userid specified in the
UserIdentifier field in the messagedescriptor of the message
43. Userids - Client Channel SecurityChoice dependant on
PUTAUTMCA User ID (MCA) The userid specified for the MCAUSER
channel attribute of the server-connection,if blank, the user
received from the client is used, if nonesent, the channel
initiator address space userid is used. Can also beset by CHLAUTH
records. The client will send the logged on user ID.For 'old'
clients user ID provided with MQ_USER_ID environment variableFor
Java use MQEnvironment.userIDChannel user ID (CHL) As for MCA
channelsAlternate User ID (ALT) The userid specified in the
UserIdentifier field in the messagedescriptor of the message
44. Access Control - Userids - IGQ security IGQAUT
(DEF|CTX|ONLYIGQ|ALTIGQ) Intra-Group Queuing user ID (IGQ) The user
ID determined by the IGQUSER attribute of the receiving
queuemanager.If this is set to blanks, the user ID of the receiving
queue manager is used.However because the receiving queue manager
has authority to access allqueues defined to it, security checks
are not performed from the receivingqueue manager's user ID.
Sending queue manager user ID (SND) The user ID of the queue
manager within the queue- sharing group that put themessage on to
the SYSTEM.QSG.TRANSMIT.QUEUE Alternate User ID (ALT) The user ID
specified in the UserIdentifier field in the message descriptor of
themessage
45. MQ Command Security - Two Types MQCMDS class - profiles
look like hlq.verb.pkwe.g. hlq.DEFINE.QLOCAL hlq.DEFINE.CHANNEL
Access required to profile is dependsupon the verb and is usually
ALTER orCONTROL Controls who is allowed to issue eachindividual
command Profiles always uppercase MQSC and PCF MQADMIN or MXADMIN
class- command resource profileslook like hlq.type.resourcenamee.g.
hlq.QUEUE.queuename hlq.CHANNEL.channelname Access required to
profile dependsupon the verb and is usually ALTER orCONTROL
Controls which resources a user canissue given commands against
'resourcename' can be mixed inMXADMIN MQSC and PCFTogether they
allow very granular control over MQ commands
46. Access control - Command Security - Userids..Command
checking, Cmd Resource checkingCSQINP1 & CSQINP2 - no
checksSystem Command Queue - MQMD.UserIdentifierConsole - Console
useridSDSF/TSO - TSO, address space useridCSQUTIL - address space
useridCSQINPX - Channel Initiator address space useridAccess
required to system queues
51. Administration - MQ Commands - DISPLAYDISPLAY SECURITY
ALL|INTERVAL|SWITCHES|TIMEOUTDisplays the current security settings
active on your queue manager.Includes a message which will show
either:CSQH001I !MQ19 CSQHINSQ Security using uppercase
classesorCSQH001I !MQ19 CSQHINSQ Security using mixed case
classesShows which security switches are ON/OFF:CSQH024I !MQ19
CSQHIS1C TOPIC security switch set ON,
profile'MQ19.NO.TOPIC.CHECKS' not foundorCSQH021I !MQ19 CSQHIS1C
TOPIC security switch set OFF, profile'MQ19.NO.TOPIC.CHECKS'
found
52. Administration - MQ Commands - REFRESHREFRESH
SECURITY(*|MQADMIN,MQQUEUE,MQPROC,MQNLIST,MXADMIN,MXQUEUE,MXPROC,MXNLIST,MXTOPIC)TYPE(CLASSES|AUTHSERV|SSL|CONNAUTH)Command
qualifier* defaultTYPECLASSES - default on z/OSAUTHSERV - default
on non z/OS platformsSSL - refreshes cached view of the SSL key
repository, locations ofLDAP servers for Certificate Name
Revocation and the keyrepositoryCONNAUTH - Refreshes the cached
view of the configuration forconnection authentication.
53. Administration - MQ Commands - REFRESHYou can only issue a
REFRESH command for a class thatmatches the case that is currently
set in the Queue managerSCYCASE parameterCSQH013E !MQ19 CSQHSREF
case conflict for class 'classname'If you change information in any
of the RACF MQ Classes youmust issue the followingSETROPTS
RACLIST(classname,classname,...) REFRESHSETROPTS
GENERIC(classname,classname,...) REFRESHin addition to the MQ
Refresh command to pick up the changes tothe RACF profiles
55. Administration - Security MessagesSecurity Messages are
issued duringQmgr StartupSecurity Messages written at
startupRefresh SecuritySecurity messages written during
RefreshDisplay SecurityShortened messages issued during Display to
fit in withpanels
56. Administration - RESLEVEL AuditingReslevel AuditingZPARM
parameter RESAUDIT(YES/NO)Determines whether a RACF RACROUTE
REQUEST=AUDITrequest is performed for each RESLEVEL inquiry that
takesplace. This request produces General Audit records
(eventnumber 27).
60. Miscellaneous - IMS Bridge - continued...FACILITY
classIMSXCF.xcfgname.xcfmname1WebSphere MQ/IMS connection security
IMSXCF.xcfgname.WebSphere MQ_member_name WebSphere MQ userid
requires READ access to thisprofile2 IMS level of authentication -
application level IMSXCF.xcfgname.IMS_member_name Security
processing dependent upon WebSphere MQ'saccess to this
profile/SECURE OTMA Controls userid processing done by IMSWebSphere
MQ system parameters CSQ6SYSP ... OTMACON=(,,,Age,)
61. Miscellaneous - IMS Bridge - continued...PassTickets The
PassTicket application name to validate against is specified onthe
storage class definition (PASSTKTA of STGCLASS) If no value is
specified then no value passed to RACF As storage class definition
is QSGDISP(LOCAL) the value is takenfrom the Qmgr so for Shared
Queues each Qmgr can specify thesame or a different value
Application name can be anything acceptable to RACF - as per
rulesof PTKTDATA class
62. Miscellaneous - CICS 3270 BridgeWebSphere MQ
CICS/TSUserid/Password supplied to 3270 transactionPassword
verified if presentSurrogate checking otherwiseBRIDGEMONITOR3270
TRANUnit of
WorkTERMiNALCONTROLCMDSINQ/SETTERMINALBridgeExitFormatterBrowseReplyMQGETSTART
BREXIT( ... ) TRANSID( ... )BRIDGE FACILITY
65. MQ Security controls connectionsCICS / IMS adapters can
pass transactionuserids, but...MQ assumes transaction mgr
authenticatedthe useridSpecific userid / password authentication
forWAS client connectionsProvided as sample security exit,
CSQ4BCX3,source and LMODDoes USS BPX1PWD call to RACF on
CHLstartSuccess => chl runs under authenticateduserid MQOPEN
auth checks Context userid in MDWritten for WAS, but applicable to
any clientapplicationcreateQueueConnection(userid, password)
;createSender(requestQueue) ;FAP UserID
flowMQCHINCHLTYPE(SVRCONN)SCYEXIT(CSQ4BCX3)RACFN(usMQOPEerid)What
is it?
66. Security OverviewControlling Security for WebSphere MQ for
z/OSAccess ControlAdministrationSummarySummary
67. Z1: IBM WebSphere MQ for z/OSSecurityQuestions?
68. For Additional Information 2014 IBM Corporation IBM
Training http://www.ibm.com/training IBM WebSphere
http://www.ibm.com/software/websphere/
http://www.ibm.com/software/products/ibm-mq IBM developerWorks
http://www.ibm.com/developerworks/websphere
https://www.ibm.com/developerworks/community/blogs/messaging
WebSphere forums and community
http://www.ibm.com/developerworks/websphere/community/
69. IBM MQ Sessions this week10:30 - 12:00 13:15 - 14:15 14:30
- 15:30 16:00 - 17:00 17:15 - 18:15 2014 IBM
CorporationTuesdayOpening General Session- IBM Digital
Experienceand WebSphere Technical UniversitySession A31: IBM
MQCHLAUTH rules withMQ V8 updatesSpeaker: Morag HughsonRoom
02Session A4: WebSphere MQfor z/OS: Performance
andAccountingSpeaker: Alexander RossRoom 8Session I26:
DataPower-MQConnectivity Deep Dive(Theory)Speaker: Robin WileyRoom
27Session Z1: WebSphere MQfor z/OS V8: Latest FeaturesDeep
DiveSpeaker: Damon CrossRoom 69:00 - 10:00 10:30 - 11:30 11:45 -
12:45 14:00 - 15:00 15:15 - 16:15 16:45 - 17:45WednesdaySession Z5:
WebSphereMQ for z/OS: SecuritySpeaker: Damon CrossRoom 02Session
A21: What'sNew in IBM MessagingSpeaker: Morag HughsonRoom 8Session
C7: Messaging inthe Cloud with IBM MQLight and IBM BluemixSpeaker:
Rob NicholsonRoom 27Session A17: Managing work-loads,scaling and
availabilitywith IBM MQ clustersSpeaker: David WareRoom 6Lab IL5:
DataPower-MQ Connectivity Deep Dive (Hands-On)Speaker: Robin
WileyRoom 7bSession A9: WebSphere MQfor z/OS: The Inside
StorySpeaker: Damon CrossRoom 6ThursdaySession A35: How toDevelop
ResponsiveApplications with IBMMQ LightSpeaker: Rob NicholsonRoom
27Session A22: New IBMMQ V8 Security FeaturesSpeaker: Morag
HughsonRoom 01Session A3: WebSphere MQfor z/OS: Shared
QueuesSpeaker: Alex RossRoom 6Session A18: Using Publish/Subscribe
with IBM MQSpeaker: David WareRoom 27FridayLab AL6: Developing a
First Application with IBMWebSphere MQ LightSpeakers: Robert
Nicholson, Alex RossRoom 7bSession A16: UsingIBM MQ Pub/Sub in anMQ
networkSpeaker: David WareRoom 6
70. Z5: IBM WebSphere MQ for z/OSSecurityThank you!