Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications

    New Web Services Security Spec on Tap

    By
    Darryl K. Taft
    -
    July 8, 2003
    Share
    Facebook
    Twitter
    Linkedin

      Led by Microsoft Corp. and IBM, a group of companies Tuesday plans to announce a new Web services specification for handling security in Web services environments.

      At the Burton Group Inc.s Catalyst conference in San Francisco, IBM, Microsoft, BEA Systems Inc., RSA Security Inc. and VeriSign Inc. will announce the publication of the WS-Federation specification, another in a series of standards IBM and Microsoft outlined in the Web services security roadmap they co-authored last year.

      Karla Norsworthy, director of e-business technology at IBM, said WS-Federation enables developers to manage trust relationships across enterprises that use different types of security solutions.

      “Were announcing the crown jewel of the Web services security roadmap, the Web services federation specification,” Norsworthy said. “That allows you to take companies or parts of companies with very different security solutions and different trust domains… Such as one might use Kerberos and one might use user ID and password. And you can make it really easy to allow a new user who is authenticated by one domain to be able to do business across a variety of companies and their Web services without requiring either the end user to re-authenticate or requiring a lot of bureaucracy from the participating companies. So these specifications are solutions that hold together Web services security [WS-Security], Trust [WS-Trust], the security part of Policy [WS-Policy] into allowing this kind of federation so that out clients can do successful business process integration and have the security part come easy.”

      Steven VanRoekel, director of Web services at Microsoft said, “From a Microsoft perspective, this is the technology that will enable TrustBridge.” TrustBridge is Microsofts upcoming technology that will allow organizations to share user identities across business boundaries, the company said.

      “WS-Federation is built to be extensible to utilize any broad range of identification mechanisms, like Passport, like SAML [Security Assertion Markup Language] or like anything else in between,” VanRoekel said.

      Page 2

      Meanwhile IBM will integrate WS-Federation into its WebSphere and Tivoli product lines, Norsworthy said.

      In addition to the new specification, Microsoft and IBM will be demonstrating the specifications capabilities by showing two systems exchanging federated identity information across each distinct system. The example is an automotive system that involves a car dealer, an auto manufacturer and a parts dealer, Norsworthy said.

      WS-Federation “is the piece that really enables you to see how what we set up with Trust and what we set up with Web Services Security and with the security part of Policy can all work together to allow customers to configure solutions that really allow them to have unlike security systems and have them interoperate,” Norsworthy said.

      Added VanRoekel: “This is kind of a hallmark in that its a real burden that affects businesses in trying to really enable Web services to work outside the corporate boundaries is that this user information, identity information, wasnt really exchangeable in any sort of good way. So getting the real vision of Web services and heterogeneous computing, where you can have different disparate systems talking to each other… You really cant enable the advanced scenarios unless you have this technology. So I think weve reached a pretty major milestone here in delivering it.”

      Darryl K. Taft
      Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×