Verisign unveiled its framework for supporting Web services
security at the RSA Security Conference in San Jose last week,
writes Eric Doyle.
The Digital Trust Services framework applies an open standards
approach to tackle the problems of automating business processes in
a secure way across distributed applications. The framework already
has support from BEA Systems, Hewlett-Packard, IBM, Microsoft,
Oracle and Sun Microsystems.
Stratton Sciavos, president and chief executive at Verisign, said,
"Embedding interfaces to our Digital Trust Services into major
platforms reduces the friction that enterprises typically face in
automating internal and external business processes, enabling them
to capture significant gains in productivity and efficiency."
The framework includes application programming interfaces and tools
and support for developers. Planned future additions include global
validation (widescale single sign-on), authenticated payment, and
trusted IP telephony services.
Arvind Krishna, vice-president of security products at IBM Tivoli
Software, said, "Interoperability and trust are key to speeding the
adoption and success of Web services. We have already made good
progress on the interoperability front by forming cross-industry
initiatives and embracing security standards.
"On the trust front, we are integrating Tivoli secure access
management technology into Verisign's Digital Trust Services and
working to integrate [them] into open standards-based Web services
platforms."
The framework tools are available immediately and can be downloaded
from
www.xmltrustcenter.org/.