User authentication. Authentication verifies the identity of a Broker Server to a Broker Java client attempting to make a connection and that of the Broker Java client to the Broker Server (two-way authentication). For a connection to be made, both parties must have first been assigned SSL identities.

User authorization for Broker objects protected by Access Control Lists (ACLs). Only clients whose SSL identities are specified in a Broker object's ACL may connect to that object. This type of security protects confidential data from access by unauthorized users.

Encryption of the data traffic between a Broker client and the Broker Server, to protect sensitive data. This type of encryption is independent of the SSL authentication process and of the ACL authorization process. Typically, you encrypt the data traffic when working with highly sensitive data, or to protect data of a confidential nature that passes across a public network.