DataPower's XML Web Services Security Standards Leadership Continues with Success at W3C XKMS Interoperability Test.
DataPower(R), the leading provider of network hardware for securing XML Web services, announced today that DataPower's most widely deployed XS40 XML Security Gateway has successfully passed W3C XML Key Management Specification (XKMS) interoperability testing. DataPower's interoperability testing occurred along with leading PKI, server and enterprise software organizations including Apache Software Foundation (www.apache.org), Entrust (NASDAQ:ENTU), Oracle (NASDAQ:ORCL), Sun Microsystems (NASDAQ:SUNW) and Verisign (NASDAQ:VRSN).
Public key cryptography is at the heart of XML Web services security. XKMS is designed to simplify the integration of PKI and digital certificates to enable authentication, digital signature, and encryption services, such as certificate processing and revocation status-checking, without the complications historically associated with proprietary PKI software toolkits. As the first XML Web services security vendor to demonstrate XKMS interoperability, DataPower customers are assured the benefits of the most robust and interoperable Web services security in a drop-in XKMS network device.
"XML Web services no only enables loosely coupled application functionality, but Web services is also an effective way to offer application security as a service to achieve 'separation of concerns' best practices necessary to cope with the complexity of Web services security," said Rich Salz, chief security architect at DataPower. "In this way, XKMS aims to simplify application security by moving digital-signature handling and encryption out of the applications themselves and provide PKI as an easy-to-use Web service."
"The biggest challenges with PKI are developing and migrating applications using PKI, cumbersome client updates, and the high processing costs associated with PKI. XKMS will form a fundamental piece of the infrastructure to enable the offload of PKI processing from the developer and their applications in a secure way, even for small devices," said Shivaram Mysore, Chair of the W3C XKMS Working Group. "By being the first to demonstrate XKMS interoperability in its network devices, DataPower has taken the critical steps for making secure applications with PKI a reality."
DataPower's award-winning XS40 is the only XML Web services security gateway to support XKMS. (See 2003 announcement: DataPower Announces XKMS Support for its XS40 XML Security Gateway, Enables Interoperability with Managed PKI Services and Systems (http://www.datapower.com/newsroom/pr_041403_xkms.html)) and today's news further showcases DataPower's leading support for high-end security functionality (See: DataPower Brings Maturity to Web Services Security for the Global 1000 with 3.1 Release (http://www.datapower.com/newsroom/pr_012405_xs3dot1.html)), its unmatched independent validation (See: Department of Defense Certifies DataPower XS40 XML Security Gateway (http://www.datapower.com/newsroom/pr_020705_jitc.html)), and its deep integration across the broadest portfolio of existing enterprise application and security infrastructure (See: DataPower Integrates RSA Federated Identity Manager and Achieves Certification from RSA Security (http://www.datapower.com/newsroom/pr_012405_rsafim.html)).
"Knowledgeable groups within sectors such as government, financial services and telecommunications have known for years that PKI can offer additional access protection, but have been put off by the overhead associated with its use with the application architecture," commented Earl Perkins, VP of Security & Risk Strategies at META Group. "With the advent of Web services, they have looked with renewed interested at the potential of XKMS to exploit PKI's strengths within the XML gateway infrastructure, thus offloading some of the performance and complexity issues from application security. The vendors that perfect actionable solutions to do just that may have an opportunity to show one way of bringing something old together with something new to make something real for customers."
DataPower provides enterprises with intelligent XML-Aware network infrastructure to ensure unparalleled performance, security and manageability of next-generation applications and XML Web Services. DataPower's patented XML Generation Three (XG3(TM)) technology powers the industry's first wire-speed XML-aware networking devices that provide immediate return on technology investments while streamlining application deployments. Founded in 1999, DataPower is privately held and based in Cambridge, MA. For more information about DataPower, please contact 617-864-0455 or visit www.datapower.com.