GRIDtoday AMD
DAILY NEWS AND INFORMATION FOR THE GLOBAL GRID COMMUNITY /
  ( Table of Contents )  
Breaking News - Security:

RSA Products, Partnerships Help Customers Embrace Web Services

RSA Security Inc announced new products and partnerships as part of its strategy to enable organizations to maximize their competitive advantage when deploying XML Web services. As the use of Web services increases, the need for comprehensive security solutions becomes even more critical. An efficient Web services infrastructure can benefit enormously from leveraging and interacting with an identity management system, as well as lead to increased business opportunities and reduced costs. RSA Security has added these Web services capabilities to its current identity and access management and authentication solutions -- RSA ClearTrust software, RSA Federated Identity Manager and RSA Keon software - and is also introducing RSA BSAFE SWS-J software to help developers Web service-enable applications.

RSA Security helps customers with the dynamic and changing environment of Web services by offering a variety of products and services that support Web services, and which meet the requirements for integrated and coordinated policy management and enforcement.

RSA Security provides:

  • Centralization of all authentication and authorization decisions for Web services via RSA ClearTrust software to provide a way to consistently manage security policy for both Web and Web service-enabled applications.
  • Federated identities and policies information via RSA Federated Identity Manager.
  • Certificate and validation services for Web services (which are critical to closing and solidifying the "trust" model) via RSA Keon software.
  • Developer solutions for Web services, providing a trusted party to bridge the interoperability gap of different or incomplete implementations from multiple vendors via RSA BSAFE software.
  • In conjunction with RSA Secured business partners, complementary security capabilities such as schema validation, malicious content detection, message routing and crypto-acceleration of Web services transactions.

"Organizations are looking forward to a productive computing environment in which applications launched by a trusted user or system will be able to transact with multiple applications and enterprises across the Internet using Web services, thus streamlining business processes for competitive advantage," said Dan Blum, senior vice president and research director at the Burton Group. "RSA Security is active in shaping strong authentication and Web services standards and technologies that will be required to ensure the adoption of Web services as way to extend identity management infrastructures."

As part of its strategy, RSA Security is announcing the availability of RSA BSAFE SWS-J software, one of the first commercially available Java solutions to support the OASIS Web Services Security (WSS) 1.0 standard. WSS is the fundamental standard providing security for Web services transactions, and it forms the basis of security for emerging standards from OASIS and the WS-* specifications. RSA BSAFE SWS-J software is designed to help developers quickly and cost-effectively implement standards-based, interoperable security to enable Web services.

The new product also includes high-performance implementations of XML Encryption and XML Digital Signing in compliance with the WS-Security 1.0 specification. Also, RSA BSAFE SWS-J software uses the Sun Java Cryptographic Extensions (JCE) architecture and so can use any JCE provider. If an application requires a FIPS 140 compliant mode (to allow the product to be used by a U.S. government agency), a developer can use the FIPS-validated RSA BSAFE Crypto-J 3.5 JCE provider with the RSA BSAFE SWS-J software.

"RSA Security is leading the way for software developers to secure Web services applications and the transactions those Web services exchange," said Robert Ford, CTO of CyberSource, a provider of electronic payment and risk management solutions based in Mountain View, Calif. "Cybersource helps our customers safely make millions of online transactions. We rely heavily on application-to-application transactions to empower our customers and one of the differentiations for our service is that we create an end-to-end trusted environment for our customers. RSA BSAFE SWS-J software will simplify the process of adding standards-based, interoperable security to our Web services applications."

RSA BSAFE SWS-J software is engineered to enable acceptance and validation of widely used authentication methods, such as username/password and X.509 certificates. Additionally, the software is extensible to support other authentication methods -- including RSA SecurID two-factor authentication tokens, Kerberos tickets and SAML assertions. Also, RSA BSAFE SWS-J software is standards-based to help ensure interoperability between an organization's Web services implementations and those of their partners, customers and other third parties.

"Broad adoption of Web services in business-to-business or business-to- consumer environments is dependent upon reliable, strong and transparent security," said Rick Welch, vice president of developer solutions and professional services at RSA Security. "RSA Security helped create the standards and infrastructure to enable Internet-based commerce, and we are continuing our innovation by creating new products to Web service-enable applications, establishing technology partnerships for seamless integration, and assisting in the development of new Web service security standards."
( Top of Page )
  ( Table of Contents )