Feeds

Sun edges towards IBM and Microsoft on Web Services

Liberty Belle

  • alert
  • submit to reddit

The essential guide to IT transformation

ComputerWire: IT Industry Intelligence

Sun Microsystems Inc has thrown its weight behind a web services security specification co-developed by rivals IBM and Microsoft Corp.

Palo Alto, California-based Sun will support submission of WS-Security to the Organization for the Advancement of Structured Information Standards (OASIS).

If adopted, WS-Security would pass to an OASIS technical committee to be developed and modified with input from other vendors. Until now, the two-month old specification has been the work of just IBM, Microsoft and VeriSign Inc.

Sun's inclusion in this web services security initiative could help heal a growing rift between vendors over web services specifications. The split has seen IBM and Microsoft in one camp and Sun firmly in the other.

Tensions were sparked with the formation of the Web Services Interoperability (WS-I) organization in February. Sponsored by Microsoft and IBM, Sun was believed to have been excluded with the support of Microsoft chairman and chief software architect Bill Gates.

Sun, meanwhile, helped initiate the Liberty Alliance Project for secure network identity against Microsoft's plan for federated Passport. Sun has pledged directory products based on Liberty specifications - due for publication next month - in the next quarter.

Sun also announced the Web Service Choreography Interface (WSCI), to describe and manage the flow of elements inside a web service. WSCI is backed by BEA Systems Inc, SAP AG and little-known business process management vendor Intalio Inc.

Sun is believed to have been approached over WS-Security by IBM, and Sun's director of Liberty Alliance technology Bill Smith said Sun would develop as-yet unspecified future products supporting WS-Security. "We will be committing resources to this," he said.

Smith, who sits on Liberty's board, added Liberty could end up supporting WS-Security in its own specifications. Microsoft and IBM have been absent from Liberty, while developing the federated version of Redmond, Washington-based Microsoft's Passport. Liberty members have held discussions with Microsoft to join the organization.

"There is the possibility of [WS-Security's] use within Liberty," Smith said. He added, though, Liberty was still not up-to-speed on details of WS-Security.

"Liberty is driving a specification for network identity. WS Security is about secure messaging. Liberty needs secure messaging and may rely on WS Security in some context," Smith said.

WS-Security, announced in April, defines a standard set of Simple Object Access Protocol (SOAP) extensions or message headers to ensure the confidentiality and integrity of messages exchanged in web services environments. WS-Security is the first in a set of six security and communication specifications for web services, initially based on Microsoft technology.

A spokesperson for Liberty said: "We will look at WS-Security as one of many existing specifications."

Smith said it endorsed the decision to submit WS-Security to OASIS as a means of opening the specification to public scrutiny and ensuring development on a royalty-free basis. Royalty free became an issue since IBM recently highlighted its ownership of patents on certain technologies in ebXML.

"As soon as [WS-Security] is made publicly available we can take a look at it and see the major technology holes and the issues. Before, it was done behind closed doors... and the terms that underlay the technology were unclear," Smith said.

Other companies which will also participate in WS-Security development are Baltimore Technologies Plc, BEA Systems, Cisco Systems Inc, Documentum Inc, Entrust Inc, Intel Corp, IONA Technologies, Netegrity Inc, Novell Inc, Oblix Inc, OpenNetwork Inc, RSA Security Inc, SAP AG and Systinet Corp.

© ComputerWire

Secure remote control for conventional and virtual desktops

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
BBC: We're going to slip CODING into kids' TV
Pureed-carrot-in-ice cream C++ surprise
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Twitter: La la la, we have not heard of any NUDE JLaw, Upton SELFIES
If there are any on our site it is not our fault as we are not a PUBLISHER
Facebook, Google and Instagram 'worse than drugs' says Miley Cyrus
Italian boffins agree with popette's theory that haters are the real wrecking balls
Sit tight, fanbois. Apple's '$400' wearable release slips into early 2015
Sources: time to put in plenty of clock-watching for' iWatch
Facebook to let stalkers unearth buried posts with mobe search
Prepare to HAUNT your pal's back catalogue
Ex-IBM CEO John Akers dies at 79
An era disrupted by the advent of the PC
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.