The Messaging-PEP provides access and release control for:
• User applications requesting information from a PPS, and
• PPS pushing information to a user application or middleware.
The Messaging-PEP authorizes release and receipt based on the users (sender and receiver) privileges and current user specified policy. On receipt, the Messaging-PEP verifies that the local PPS and data-store(s) are authorized to access, process and store the contents of the Message. On Release, the Messaging-PEP ensures that each recipient to the message is authorized to receive the contents of the message, and that the specific communication mechanism (e.g., topic, queue, communication channel) is authorized to transport the contents of the message.
[Source: https://www.omg.org/spec/IEF-RA/1.0/]