IBM steps up Web services security
Big Blue says a new software component in WebSphere and Tivoli will help developers create Web services applications that lock out intruders, no matter what security standard they use.
IBM said that it is building a new software component into version 5 of its WebSphere application server, which is scheduled for release in the next quarter, and into future releases of its Tivoli Access Manager, which will secure Web services transactions.
The company said it is taking the initiative to simplify development. "The alphabet soup of security standards is confusing for our customers. We have taken advantage of several security specifications so that regardless of what standard (our customers) are using to develop their Web applications, we are going to make sure those applications are secure," said IBM spokesman John Crowe.
Ensuring the security of Web services transactions is one of the largest hurdles to widespread adoption of Web services, say analysts.
IBM said that by using the software, companies will be able to create Web services applications that will be secure regardless of which Web services or security technologies they use.
Other companies have announced Web services security plans. Microsoft in June announced a Web services security plan called TrustBridge; but the software giant's effort appears to be geared primarily at Windows-based networks. Last week, Hitachi Computer Products announced Quadrasis EASI Express, a software product that allows developers to include authentication, authorization and other security systems into Web services applications.
IBM said its WebSphere version 5 and Tivoli products both support key industry standards for Web services security, including WS-Security.