IBM steps up Web services security

Big Blue says a new software component in WebSphere and Tivoli will help developers create Web services applications that lock out intruders, no matter what security standard they use.

2 min read
IBM on Wednesday said it plans to add to its products new software that should make Web services applications more secure.

IBM said that it is building a new software component into version 5 of its WebSphere application server, which is scheduled for release in the next quarter, and into future releases of its Tivoli Access Manager, which will secure Web services transactions.

The company said it is taking the initiative to simplify development. "The alphabet soup of security standards is confusing for our customers. We have taken advantage of several security specifications so that regardless of what standard (our customers) are using to develop their Web applications, we are going to make sure those applications are secure," said IBM spokesman John Crowe.

Ensuring the security of Web services transactions is one of the largest hurdles to widespread adoption of Web services, say analysts. is a new way to build software that has been espoused by leading technology companies for connecting business software over the Internet.

IBM said that by using the software, companies will be able to create Web services applications that will be secure regardless of which Web services or security technologies they use.

Other companies have announced Web services security plans. Microsoft in June announced a Web services security plan called TrustBridge; but the software giant's effort appears to be geared primarily at Windows-based networks. Last week, Hitachi Computer Products announced Quadrasis EASI Express, a software product that allows developers to include authentication, authorization and other security systems into Web services applications.

IBM said its WebSphere version 5 and Tivoli products both support key industry standards for Web services security, including WS-Security.