The OASIS Cover Pages: The Online Resource for Markup Language Technologies
Created: June 18, 2002.

Early Access Availability of VordelSecure XML Security Product.

Vordel has announced an Early Access program for its forthcoming release of the VordelSecure 1.1 XML Security product, allowing participating organizations to "integrate a wide variety of technologies for passing authentication and authorization data in SOAP messages -- including SAML, digital certificates, and WS-Security. VordelSecure is deployed at the perimeter of an organization, intercepting incoming SOAP requests at the Web server and validating them against security rules configured for the requested SOAP service. Depending on the outcome of the rules, the XML messages are either routed to the service or blocked. In this way it ensures that requests, containing unwanted data or received from unauthorized users, do not reach the business logic on an application server or interfere with internal systems. VordelSecure can examine the integrity, structure, and content of XML requests using industry standards such as XML Signature, XML Schema, and XPath; VordelSecure ensures the authenticity of X.509 certificates used, by integrating with PKI directories and local and global trust services, including XKMS based services."

From the White Paper, Executive Summary:

Web services introduce new security risks, which are not addressed by traditional security solutions that provide security at the network and transport layers. To ensure that your Web services are not compromised, they must be secured at the application layer. VordelSecure 1.1 provides full protection for your XML and Web services deployments against internal abuse and external attack. It enables security at the application layer by supporting the new and emerging XML and SOAP security standards.

VordelSecure offers broad security support that provides for content inspection as well as authentication, authorization, and accountability. It is deployed at the perimeter of your organization, intercepting incoming SOAP requests at the Web server and validating them against the security rules configured for the requested service. An intuitive management wizard is provided that allows you to easily apply security rules on a per-service basis. The following security rules can be enabled:

  • VordelSecure can examine the integrity, structure, and content of XML requests using industry standards -- XML Signature, XML Schema, and XPath -- to ensure that unwanted or malicious data does not reach your Web services.
  • VordelSecure can verify the authenticity of X.509 certificates used, by integrating with PKI directories and local and global trust services to ensure that no invalid or revoked certificates are used.
  • VordelSecure can delegate authorization of users to existing access control software using SAML to ensure that unauthorized requests are blocked. Alternatively for less fine-grained access control VordelSecure can authorize incoming requests using the issuing CA policy or the certificate profile.

VordelSecure also provides audit trails for all transactions processed to enable you to account for usage of your Web services. You can locate and view these signed audit trails using the VordelSecure report generator. A monitoring console is provided to track activity in real-time.

SAML support to achieve fine-grained access control: "VordelSecure can authorize incoming requests by verifying the requester using SAML (Security Assertions Mark-up Language). SAML provides a standard way for exchanging authentication and authorization information about users over the Internet using XML messages called assertions. Using SAML you can leverage corporate investment in access management tools. These tools store user profiles and permissions and can act as SAML PDPs (Policy Decision Points), to which VordelSecure can interface using SAML. There are a large number of use cases to be considered with SAML and the scenarios supported by VordelSecure are described below. If a Web service request contains a SAML assertion, VordelSecure can use this assertion to determine if the requester is a valid user of the Web service. An assertion may contain only authentication information or it may contain information about the resources that the user has permission to access. VordelSecure can process both authentication and authorization assertions. If the request contains an authorization assertion, VordelSecure will examine it to see if the Web service requested is listed as a resource. Since a SAML Authority will typically sign the SAML assertions it issues, VordelSecure can validate the assertion by verifying the signature to ensure the assertion has not been modified since it was issued. VordelSecure can also verify that the SAML Authority is trusted to issue assertions for your Web service. The certificates for the SAML Authorities you want to trust must be imported into the VordelSecure certificate store and then assigned to the Web service..." [from the White Paper]

Document URI: http://xml.coverpages.org/ni2002-06-18-a.html
Robin Cover, Editor: robin@oasis-open.org