DataPower's XML Web Services Security Standards Leadership Continues with Success at W3C XKMS Interoperability Test.
CAMBRIDGE, Mass. -- XKMS XKMS XML Key Management Specification (W3C) Interoperability Testing for Robust PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of Adds to DataPower's Unmatched Record of High-End Features, Independent Validation and Proven Interoperability
DataPower(R), the leading provider of network hardware for securing XML XML
in full Extensible Markup Language.
Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. Web services (1) Loosely, any online service delivered over the Web. Such usage appears in articles from non-technical sources, but not in IT-oriented publications, because definition #2 below describes the correct use of the term. , announced today that DataPower's most widely deployed XS40 XML Security Gateway has successfully passed W3C XML Key Management Specification (XKMS) interoperability testing. DataPower's interoperability testing occurred along with leading PKI, server and enterprise software organizations including Apache Software Foundation (open source, body) Apache Software Foundation - (ASF) An umbrella consortium that manages the development of the Apache web server, dozens of XML- and Java-based projects (under the name Jakarta), the Ant build tool, the Geronimo J2EE server, the SpamAssassin anti-SPAM tool, and (www.apache.org), Entrust (NASDAQ NASDAQ
in full National Association of Securities Dealers Automated Quotations
U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :ENTU), Oracle (NASDAQ:ORCL ORCL Oracle (stock symbol) ), Sun Microsystems (NASDAQ:SUNW SUNW Sun Microsystems, Inc (former stock symbol; now JAVA)
SUNW Stanford University Network Workstation (Sun Microsystems, Inc) ) and Verisign (NASDAQ:VRSN VRSN Verisign, Inc. (stock abbreviation, AMEX)
VRSN Version Number (NEC) ).
Public key cryptography An encryption method that uses a two-part key: a public key and a private key. To send an encrypted message to someone, you use the recipient's public key, which can be sent to you via regular e-mail or made available on any public Web site or venue. is at the heart of XML Web services security. XKMS is designed to simplify the integration of PKI and digital certificates to enable authentication, digital signature, and encryption services, such as certificate processing and revocation status-checking, without the complications historically associated with proprietary PKI software toolkits. As the first XML Web services security vendor to demonstrate XKMS interoperability, DataPower customers are assured the benefits of the most robust and interoperable Web services security in a drop-in XKMS network device.
"XML Web services no only enables loosely coupled application functionality, but Web services is also an effective way to offer application security as a service to achieve 'separation of concerns' best practices necessary to cope with the complexity of Web services security," said Rich Salz, chief security architect at DataPower. "In this way, XKMS aims to simplify application security by moving digital-signature handling and encryption out of the applications themselves and provide PKI as an easy-to-use Web service."
"The biggest challenges with PKI are developing and migrating applications using PKI, cumbersome client updates, and the high processing costs associated with PKI. XKMS will form a fundamental piece of the infrastructure to enable the offload of PKI processing from the developer and their applications in a secure way, even for small devices," said Shivaram Mysore, Chair of the W3C (World Wide Web Consortium, www.w3.org) An international industry consortium founded in 1994 by Tim Berners-Lee to develop standards for the Web. It is hosted in the U.S. by the Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT (www.csail.mit.edu/index.php). XKMS Working Group. "By being the first to demonstrate XKMS interoperability in its network devices, DataPower has taken the critical steps for making secure applications with PKI a reality."
DataPower's award-winning XS40 is the only XML Web services security gateway to support XKMS. (See 2003 announcement: DataPower Announces XKMS Support for its XS40 XML Security Gateway, Enables Interoperability with Managed PKI Services and Systems (http://www.datapower.com/newsroom/pr_041403_xkms.html)) and today's news further showcases DataPower's leading support for high-end security functionality (See: DataPower Brings Maturity to Web Services Security for the Global 1000 with 3.1 Release (http://www.datapower.com/newsroom/pr_012405_xs3dot1.html)), its unmatched independent validation (See: Department of Defense Certifies DataPower XS40 XML Security Gateway (http://www.datapower.com/newsroom/pr_020705_jitc.html)), and its deep integration across the broadest portfolio of existing enterprise application and security infrastructure (See: DataPower Integrates RSA (1) (Rural Service Area) See MSA.
(2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. Federated Identity Manager and Achieves Certification from RSA Security (http://www.datapower.com/newsroom/pr_012405_rsafim.html)).
"Knowledgeable groups within sectors such as government, financial services and telecommunications have known for years that PKI can offer additional access protection, but have been put off by the overhead associated with its use with the application architecture," commented Earl Perkins, VP of Security & Risk Strategies at META Group. "With the advent of Web services, they have looked with renewed interested at the potential of XKMS to exploit PKI's strengths within the XML gateway infrastructure, thus offloading some of the performance and complexity issues from application security. The vendors that perfect actionable solutions to do just that may have an opportunity to show one way of bringing something old together with something new to make something real for customers."
DataPower provides enterprises with intelligent XML-Aware network infrastructure to ensure unparalleled performance, security and manageability of next-generation applications and XML Web Services. DataPower's patented XML Generation Three (XG3(TM)) technology powers the industry's first wire-speed XML-aware networking devices that provide immediate return on technology investments while streamlining application deployments. Founded in 1999, DataPower is privately held and based in Cambridge, MA. For more information about DataPower, please contact 617-864-0455 or visit www.datapower.com.