This topic describes how to improve the security of the network connections between clients and Message Service (MNS).

Background information

You can use HTTP requests to access MNS from the Internet. For messages that contain sensitive information, you can improve the security of the network connections between clients and MNS by using the following two methods:

  • Use HTTPS endpoints of MNS.
  • Encrypt messages to be sent to prevent data theft.

The following section describes a best practice of encrypting MNS messages.

Solution

  1. Encrypt message to be sent.

  2. Decrypt and consume the messages at receiver clients.

For more information about sample code, see SecurityQueue.zip. To download SecurityQueue.zip, click here.

  • The SeurityQueue.java file provides the putMessage, popMessage, and deleteMessage operations. The putMessage and popMessage operations are described as follows:
    • putMesssage: uses keys and an algorithm to encrypt messages to be sent to MNS servers.
    • popMessage: decrypts messages that are received from MNS servers and returns the decrypted messages.
  • The SecurityKeyGenerator.java file is used to generate the secretKey that is used for message encryption and decryption.
  • The SecurityQueueDemo.java file provides the sample code that is used to encrypt, decrypt, and delete messages.

For more information about how to use the sample code, see ReadMe.txt.

Precautions

  1. Message encryption and decryption may affect the performance.
  2. Do not send unencrypted messages to a queue that exclusively receives encrypted messages.