The company's XS40 XML Security Gateway is a hardware appliance offering a range of security functions, including filtering, authentication, digital signature verification, encryption and data validation of XML and Simple Object Access Protocol (Soap) messages.
DataPower president Eugene Kuznetsov claimed the appliance would eliminate the need for coders to include such security functions in every application.
Instead, companies could pass multiple XML-enabled transactions through the appliance and let it take care of all the security functions, said Pete Lindstrom, an analyst at consulting firm Spire Group.
"It allows for security folks to manage these functions from a central point, which provides good value," Lindstrom said.
RouteOne, a joint venture formed by DaimlerChrysler Services, Ford Motor Credit, General Motors Acceptance and Toyota Financial Services, is using DataPower's XS40 Gateway to secure a Web-based credit application management system.
The RouteOne network acts as an intermediary for exchanging credit application and decision information between car dealers and finance companies.
DataPower's appliance takes a Secure Sockets Layer-encrypted message sent via Soap, decrypts it, validates and verifies the signature on it, then routes it to the appropriate server on the RouteOne network for further processing. It then signs and encrypts processed messages before sending them back over the network.
DataPower's appliance joins a handful of similar products from start-ups in a market that addresses security concerns associated with Web services transactions without slowing them down, said Forrester Research analyst Ted Schadler.
Reactivity's Service Firewall and Forum Systems' Sentry range offer similar products.
Others, such as Westbridge Technology, offer software-based engines capable of filtering XML messages for compliance with security polices for Web services.
Schadler said users should ensure they do not get locked into a nonstandard technology when considering such products.