Locking Down Web Services

 
 
By Darryl K. Taft  |  Posted 2002-10-02
 
 
 
Two e-security software providers this week announced new products to secure Web services. RSA Security Inc., of Bedford, Mass., released RSA BSafe SecurXML-C, a software development kit that enables developers to implement XML digital signatures as an added security feature for Web services.

Meanwhile, Baltimore Technologies plc, of Dublin, Ireland, announced KeyTools XML 5.1, which also features support for XML digital signatures.

By enabling the "signing" of documents and bits of data, XML digital signatures provide a means of authenticating information sent over the Internet. The authentication shows the sender of the data and proves that the information has not been tampered with in transit.

The RSA BSafe SecurXML-C toolkit provides all the underlying security technology—such as cryptographic and certificate functions—so that developers can apply it to their applications without having to code security features in by hand, the company said.

Baltimore officials said the new version of its KeyTools XML complies with the World Wide Web Consortiums XML Digital Signature standard. The product also supports JCA (Java Cryptography Architecture) and JCE (Java Cryptography Extension).

JCA enables developers to add low-level and high-level security functionality into their applications. JCE extends the JCA architecture to include encryption, key exchange and Message Authentication Code.

Related Stories:

  • New Web Services to Run the Security Gamut
  • Web Services Security: A Political Battlefield
  • Web Services Security Tightens
  • Rocket Fuel