Security Considerations for Message Queuing

Applies To: Windows Server 2008

Security

Message Queuing uses security features provided by Windows 7 and Windows Server 2008 R2 family operating systems, including access control and auditing for Message Queuing objects, message authentication, and encryption. For details, see the following links:

• For a general overview of security features for Message Queuing, see Message Queuing Security Overview

• For information about implementing authentication to check who sent messages, and message integrity, see Authentication for Message Queuing

• For information about using Public Key Infrastruction (PKI) certificates to authenticate message sent over the HTTP and HTTPS transports, see HTTP/HTTPS Message Authentication

• For information about managing the certificates used by Message Queuing, see User Certificates

• For information about encrypting private messages, see Encryption for Message Queuing

• For information about restricting operations of Message Queuing objects to specific groups or users, see Access Control for Message Queuing

• For information about auditing access operations of Message Queuing objects, see Auditing Message Queuing Objects

• Message Queuing can be deployed in hardened MSMQ mode to enhance the security of Message Queuing computers using HTTP messaging over the Internet. For more information, see Message Queuing in Hardened MSMQ Mode

• Enabling Weakened Security

• Security Enhancements that Affect the Default Behavior of Message Queuing