"Clearly, security is a road block. Nobody in their right mind is going to create a Web service without security," said Ron Schmelzer, senior analyst at XML and Web services research firm Zap Think.
A handful of companies are attempting to bridge this gap with software, including Forum Systems who announced its Sentry hardware security appliance.
The Sentry is a device built around an Intel processor and stocked with both nCipher and Broadcom encryption processing chips, said Wes Swenson, the president of Forum Systems.
The box sits in a network, with traffic flowing through it, and only applies security measures to that traffic based on user-defined policies, he said.
The device supports SSL as well as digital certificates, XML encryption for both privacy and authentication and XML processing for data validation, transformation and archiving, Swenson said.
Though the Sentry applies standards-compliant XML security when traffic moves through it, a second appliance is not required to decrypt the secured traffic, he said. Instead, as long as the receiving system complies with XML security standards, the data can be decrypted, he said.
The encryption, digital signature and other security measures added to XML documents by the Sentry can be applied to both the data included in the document, as well as to the XML tags that describe it, Swenson said.
XML documents, such as HTML documents, contain both the data to be transmitted or displayed and tags, information of how to display the data. The security travels with the documents over their lifetime, he said.
The device can handle up to 670 digital signatures per second and can be configured to block incoming documents that do not meet security criteria, to quarantine those documents, to perform packet-level inspection and more, Swenson said.
The Sentry is aimed at financial services firms, health-care companies, government agencies and insurance companies, Swenson said.
The device will be available worldwide from 22 July at a cost of $34,995 (£23,450).