Forum Systems Joins OASIS Members to Form Committee That Advances Standards for Web Services Secure Exchange (WS-SX); Significant Step Forward In Completing the Web Services Security Framework for Service-Oriented Architectures.SALT LAKE CITY -- Forum Systems, the leader in Web services security for threat protection and trust management, along with other members of the OASIS international standards consortium today announced plans to define extensions to the WS-Security OASIS standard that will enable the trusted exchange of multiple SOAP messages and will define security policies that govern the formats and tokens of those messages. Forum Systems is a charter member of the new OASIS Web Services Secure Exchange (WS-SX) Technical Committee that brings together users and vendors in an open process to refine and finalize a set of specifications based on three initial contributions; WS-SecureConversation, WS-SecurityPolicy and WS-Trust. This initiative is a significant step forward in completing the Web services security framework and is a natural progression of Forum Systems' efforts to create a composable Web services architecture that enables the development of reliable, secure, and transacted Web services. With input from the entire community, the OASIS WS-SX Technical Committee will advance a set of modular specifications that standardize the concepts, WSDL (Web Services Description Language) An XML-based language for defining Web services. Developed by Microsoft and IBM, WSDL describes the protocols and formats used by the service. documents, and XML Schema renderings for trusted brokering of SOAP message exchanges, shared security contexts, and security policies. WS-SecurityPolicy defines general security policies that can be associated with a service. WS-Trust provides a description for managing, establishing and assessing trust relationships between parties exchanging information. WS-SecureConversation serves as a building block to create a secure context for organizations to exchange multiple messages without constantly reauthenticating. "The OASIS WS-SX Technical Committee represents a significant step forward in creating a composable Web services architecture," said Mamoon Yunus, CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. of Forum Systems. "WS-SecureConversation, WS-SecurityPolicy and WS-Trust help establish the necessary security context for exchanging multiple messages, resolving security token incompatibility, and defining interoperable security policy expression. With WS-SX, security underpinnings necessary for enterprise-class SOA's are closer to realization." The OASIS WS-SX Technical Committee will operate under Royalty Free on RAND Terms, as defined by the OASIS Intellectual Property Rights Policy. The Committee's first meeting will be held 7-8 December. As with all OASIS projects, archives of the Committee's work will be accessible to both members and non-members, and OASIS will host an open mail list for public comment. OASIS WS-SX Technical Committee Charter Members: Actional Corp.; Adobe Systems Inc.; AmberPoint Inc.; Arjuna Technologies; BEA Systems Inc.; BMC Software Inc.; Cape Clear Software; Computer Associates International, Inc. ; DataPower; EnterpriseDB Corp.; Forum Systems, Inc.; Hewlett-Packard; IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) Corp.; IONA Technologies; Layer 7 Technologies; Lockheed Martin; Microsoft Corp.; Nortel Networks; Novell Inc.; Open Applications Group Inc.; Oracle Corp.; Ping Identity Corp.; Reactivity Inc.; Ricoh Corp.; Rogue Wave Software; SAP AG; Sarvega Inc.; Sonic Software; Systinet Corp.; Trustgenix Inc.; VeriSign Inc.; Vodafone UK; webMethods Inc.; WS02. Additional information: OASIS WS-SX Technical Committee http://www.oasis-open.org/committees/ws-sx Cover Pages Technology Report on XML XML in full Extensible Markup Language. Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. and Security http://xml.coverpages.org/security.html About Forum Systems Trustworthy, ubiquitous and robust Web services can only be achieved by combining security controls that are proactive, always on and systematic. Forum Seamless Security Solutions Architecture (Forum S3A(TM)) is an adaptive approach to building security minded service-oriented applications and data-level networks using life-cycle solutions including vulnerability management, testing systems, firewalls and gateways. Forum products are available as software, PCI-card and appliance options and comply with government requirements including CheckPoint OPSEC (OPerations SECurity) The U.S. military term for concealing critical information as part of a counterintelligence plan. A form of "security by obscurity," OPSEC determines what information adversaries can obtain or piece together from observation and to provide measures for Certification, FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. Certification, Common Criteria EAL EAL English as an Additional Language EAL Evaluation Assurance Level EAL Eastern Airlines EAL Emergency Action Level EAL Environmental Analysis Laboratory EAL Evidence Analysis Library (American Dietetic Association) 4+ (in process) and JITC JITC Joint Interoperability Test Command (formerly Joint Interoperability Test Center) JITC Joint Interoperability Test Center (obsolete; now Joint Interoperability Test Command) DoD PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of Certification. Forum Systems is an active a member of OASIS and WS-I (Web Services Interoperability Organization, www.ws-i.org) A consortium founded by Microsoft, IBM, BEA Systems and Intel that is dedicated to the development of Web services. Its goals are to provide guidance and education, to promote interoperability and to ensure that Web services helping mature standards such as WS-I Basic Profiles, SAML (Security Assertion Markup Language) An XML-based format from OASIS for exchanging security information for single sign-on. The "assertions" are statements from a SAML authority that authenticate a user, confirm some attribute about the individual and grant or and WS-Security. Customers can benefit from Forum technology that is bundled with market-leading products: Microsoft ISA Server 2004, NetContinuum NC-1000 WSE WSE Web Services Enhancements (Microsoft) WSE Warsaw Stock Exchange (Warsaw, Poland) WSE Symposium on Web Site Evolution (IEEE International Symposum) , Crossbeam Systems, Breach Security and Network Engines NS6300X. For more information on adaptive solutions for Web services security visit http://www.forumsys.com. Forum Systems, Inc. is the Leader in Web Services and SOA Security(TM) with a comprehensive suite of trust management, threat protection and information assurance solutions for the automated Web. Forum Systems' flexible hardware, software and embedded products make vibrant business communications possible by actively protecting XML data and Web services across networks and business boundaries. Forum's products have been chosen by over 150 Fortune 1000 industry leaders and are winners of Network Computing Magazine's Well-Connected 2004 Award and Product of the Year 2004 Award, Network Computing Magazine's Editor's Choice 2003 Award, Network Magazine's Product of the Year 2003 Award and DEMO 2004 Invitation. Forum XWall Web Services Firewall is the industry's only XML Firewall selected by InfoWorld LEADERBOARD lead·er·board n. A board that displays the leaders in a competition. leaderboard Noun a board displaying the current scores of the leading competitors, esp in a golf tournament 2004. Visit Forum at http://www.forumsys.com/. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion