IBM, VeriSign Team Up on Security

IBM and VeriSign Inc., two of the largest players in the security market, have signed an agreement that calls for the companies to jointly develop new technologies and services as well as cooperate on marketing efforts.

Under the terms of the partnership, which they announced Tuesday, the two companies will develop and market a new Entitlement Management Service based on VeriSigns PKI technology and IBMs Tivoli Policy Director. The service will comprise online authentication, digital credentialing and signatures, authorization, and policy management.

The Global Services arm of IBM, based in Armonk, N.Y., will also work with VeriSigns Consulting Services Group on managed services offerings around the companies PKI technologies.

“The Internet is increasingly becoming the e-business platform as businesses learn to look for the digital signposts that ensure trusted commerce and communications,” said Stratton Sclavlos, president and CEO of VeriSign, based in Mountain View, Calif. “Our alliance with IBM reflects the importance that companies are placing on generating cost advantages and revenue opportunities by doing business in a trusted digital environment.”

This alliance signals an important shift for both companies. VeriSign, one of the original members of the digital security industry, has been active in the PKI and digital signature markets for years. However, since the company bought domain-name registrar Network Solutions Inc. last year, its security business has faded into the background.

IBM officials said some of the tehnical work necessary to mesh the companies products has already begun and that they view this partnership as much more than the typical joint marketing agreement. “This goes across almost all aspects of the technological landscape,” said Arvind Krishna, vice president of security products at Tivoli Software, part of the IBM Software Group. “This takes a big investment from both sides. This isnt just fluff. We believe the future lies in Web services and thats the way were moving.”

For its part, IBM has been involved in data security for decades, and its researchers continue to do quite a bit of work on PKI. As IBM morphed over the years and began to focus more on the PC business and more recently, consulting and storage, security took a back seat.

Recently, the companys Tivoli division has been its public face in the security market and will play an important role in the VeriSign partnership.

As part of the agreement, VeriSign and IBM will also work together to implement and advance security standards such as SAML (Security Assertion Markup Language) and XKMS (XML Key Management Specification), both of which soon will be supported in Policy Director, IBM officials said.