IBM Software to Support Secure Web Services

IBM Unveils Industry's First Software for Secure Web Services

Websphere and Tivoli Software Enable Businesses to Securely Extend Web Services Applications to Business Partners, Customers, Suppliers

Somers, NY, USA. September 18, 2002.

IBM today announced the industry's first software that will help organizations more rapidly build secure business relationships with other organizations using Web Services applications.

The new software -- IBM's WebSphere software for managing high-volume business transactions and integrating key business applications -- and IBM's Tivoli software -- enabling the secure interaction of business applications -- will support key industry standards for Web Services security, such as the WS-Security specification, which IBM co-authored.

As a result, businesses will now be able to develop Web Services applications that are secured beyond the firewall -- meaning they can facilitate secure transactions with partners in their supply chain, regardless of the Web services or security technologies used by other partners.

Specifically, IBM WebSphere Application Server Version 5 will support WS-Security in the fourth quarter and in IBM Tivoli Access Manager, early next year. This specification defines a standard set of Simple Object Access Protocol (SOAP) extensions, that can be used to provide integrity and confidentiality in Web services applications.

IBM is developing the first comprehensive open-standards based Web services infrastructure that extends enterprise-class security capabilities to Web services deployments running on a variety of platforms. New features across the WebSphere and Tivoli software portfolio can help IBM customers automate the process of extending customer and partner-facing Web services applications to more organizations and users, helping reduce the reliance on proprietary technologies and costly manual integration.

IBM also plans to support new federated identity management capabilities in its WebSphere and Tivoli software to provide a way for Web services and enterprise applications to share identity information across multiple networks, helping businesses extend market reach by securely integrating with suppliers, partners and customers.

IBM Tivoli Access Manager will feature new federated identity management interfaces that enable customers to plug in support for identity standards. This next release, scheduled for November, will initially feature out-of-the box support for the XML Key Management Specification (XKMS). IBM plans to extend this capability to include support for various identity standards such as the Security Assertions Markup Language (SAML), Kerberos, XML Digital Signatures and other security tokens formats as they mature in standards organizations. Additionally, IBM will support secure token management, trust brokering, integrated identity mapping and credential mapping services.

New Web services trust broker software can allow organizations to automate the process of entering into trusted business relationships, regardless of the type of security mechanism used by the other company. IBM's intent is to support the broadest range of brokering methods such as Microsoft TrustBridge, Kerberos tokens, Public Key Infrastructure (PKI) credentials and other means of delegating trust that develop in the future. IBM plans to deliver this software in Tivoli and WebSphere software.

Additionally, IBM plans to provide fine-grained authorization for SOAP transactions in Web services environments. This new feature will allow businesses to control access to Web services applications based on a user's identity, and associated entitlements.

"IBM is liberating customers so they are no longer confined to Web services inside the firewall," said Arvind Krishna, vice president of security products, Tivoli Software, IBM. "By simplifying business integration across federated company boundaries using open standards, IBM is delivering software that can help customers link thousands of its business partners together while reducing custom integration costs."

About IBM

IBM is the world's largest information technology company, with 80 years of leadership in helping businesses innovate. IBM Software the widest range of middleware and operating systems for all types of computing platforms, allowing customers to take full advantage of the new era of e-business. IBM WebSphere business integration software and Tivoli security management software helps customers around the world securely manage billions of transactions per day while also integrating business processes. For more information visit www.ibm.com/software.

Contact

IBM Software Group
Tivoli Media Relations
Tel: 512/286-3182 (t/l 966)
Tel: 512/636-0100 - mobile
Email: crowejd@us.ibm.com

Prepared by Robin Cover for The XML Cover Pages archive. See: (1) "Security Assertion Markup Language (SAML)"; (2) "XML Key Management Specification (XKMS)."

SEARCH Advanced Search ABOUT Site Map CP RSS Channel Contact Us Sponsoring CP About Our Sponsors NEWS Cover Stories Articles & Papers Press Releases CORE STANDARDS XML SGML Schemas XSL/XSLT/XPath XLink XML Query CSS SVG TECHNOLOGY REPORTS XML Applications General Apps Government Apps Academic Apps EVENTS LIBRARY Introductions FAQs Bibliography Technology and Society Semantics Tech Topics Software Related Standards Historic	IBM Software to Support Secure Web Services IBM Unveils Industry's First Software for Secure Web Services Websphere and Tivoli Software Enable Businesses to Securely Extend Web Services Applications to Business Partners, Customers, Suppliers Somers, NY, USA. September 18, 2002. IBM today announced the industry's first software that will help organizations more rapidly build secure business relationships with other organizations using Web Services applications. The new software -- IBM's WebSphere software for managing high-volume business transactions and integrating key business applications -- and IBM's Tivoli software -- enabling the secure interaction of business applications -- will support key industry standards for Web Services security, such as the WS-Security specification, which IBM co-authored. As a result, businesses will now be able to develop Web Services applications that are secured beyond the firewall -- meaning they can facilitate secure transactions with partners in their supply chain, regardless of the Web services or security technologies used by other partners. Specifically, IBM WebSphere Application Server Version 5 will support WS-Security in the fourth quarter and in IBM Tivoli Access Manager, early next year. This specification defines a standard set of Simple Object Access Protocol (SOAP) extensions, that can be used to provide integrity and confidentiality in Web services applications. IBM is developing the first comprehensive open-standards based Web services infrastructure that extends enterprise-class security capabilities to Web services deployments running on a variety of platforms. New features across the WebSphere and Tivoli software portfolio can help IBM customers automate the process of extending customer and partner-facing Web services applications to more organizations and users, helping reduce the reliance on proprietary technologies and costly manual integration. IBM also plans to support new federated identity management capabilities in its WebSphere and Tivoli software to provide a way for Web services and enterprise applications to share identity information across multiple networks, helping businesses extend market reach by securely integrating with suppliers, partners and customers. IBM Tivoli Access Manager will feature new federated identity management interfaces that enable customers to plug in support for identity standards. This next release, scheduled for November, will initially feature out-of-the box support for the XML Key Management Specification (XKMS). IBM plans to extend this capability to include support for various identity standards such as the Security Assertions Markup Language (SAML), Kerberos, XML Digital Signatures and other security tokens formats as they mature in standards organizations. Additionally, IBM will support secure token management, trust brokering, integrated identity mapping and credential mapping services. New Web services trust broker software can allow organizations to automate the process of entering into trusted business relationships, regardless of the type of security mechanism used by the other company. IBM's intent is to support the broadest range of brokering methods such as Microsoft TrustBridge, Kerberos tokens, Public Key Infrastructure (PKI) credentials and other means of delegating trust that develop in the future. IBM plans to deliver this software in Tivoli and WebSphere software. Additionally, IBM plans to provide fine-grained authorization for SOAP transactions in Web services environments. This new feature will allow businesses to control access to Web services applications based on a user's identity, and associated entitlements. "IBM is liberating customers so they are no longer confined to Web services inside the firewall," said Arvind Krishna, vice president of security products, Tivoli Software, IBM. "By simplifying business integration across federated company boundaries using open standards, IBM is delivering software that can help customers link thousands of its business partners together while reducing custom integration costs." About IBM IBM is the world's largest information technology company, with 80 years of leadership in helping businesses innovate. IBM Software the widest range of middleware and operating systems for all types of computing platforms, allowing customers to take full advantage of the new era of e-business. IBM WebSphere business integration software and Tivoli security management software helps customers around the world securely manage billions of transactions per day while also integrating business processes. For more information visit www.ibm.com/software. Contact IBM Software Group Tivoli Media Relations Tel: 512/286-3182 (t/l 966) Tel: 512/636-0100 - mobile Email: crowejd@us.ibm.com Prepared by Robin Cover for The XML Cover Pages archive. See: (1) "Security Assertion Markup Language (SAML)"; (2) "XML Key Management Specification (XKMS)."