Federated identity and web services security will dominate the agenda at the annual RSA Conference that kicks off...
in San Francisco next week.
RSA Security, VeriSign and the Liberty Alliance Project will use the event to launch products that address security-related issues that hinder web services adoption.
The Liberty Alliance is expected to unveil the second phase of its federated identity collaboration called Identity Web Services Framework (ID-WSF).
The framework will map out how the alliance will develop ID services for PC and low-capability client devices such as mobile phones and personal digital assistants that do not require a server connection, said Simon Pugh, vice-president of standards and infrastructure at MasterCard International and a member of Liberty Alliance Project's management board.
ID-WSF will also push the concept of permissions-based sharing. The goal is to allow the consumer to control how the information is used. In future, Liberty will create ID Discovery Services and Definition of Services Profiles, some of which could be offered outside of the alliance, Pugh added.
RSA will unveil its BSAFE software developer toolkit to enable the creation of standards-based interoperable security for web services. The company will also announce the identity and access management strategy behind its new integrated product system architecture.
WS Security, which was authored by IBM, Microsoft and VeriSign, provides a foundation for secure web services featuring roadmap concepts such as policy and trust. It defines a set of SOAP message headers used for protecting web services applications.
VeriSign will put its spin on a crowded field of XML application gateways by introducing its Trust Gateway. This allows customers building web services to offload message policy configuration, deployment, and management to VeriSign's managed public key infrastructure and real-time validation services back end.