VeriSign plans Web Services security gateway
Halt! Who goes there?
VeriSign Inc plans to announce web services security gateway software early next year, it emerged yesterday. Speaking at a gathering in San Francisco, CEO Stratton Sclavos disclosed the plan, which seems likely to place the company in competition against a number of startups and potentially larger security players.
VeriSign executives declined to comment deeply on the details of the offering, but Sclavos indicated that the offering will sit near application servers, authenticating users and encrypting and signing messages using emerging standards including XML Encryption, XML Signature, WS-Security and SSL.
"It will allow you to configure security so you don't have to build it into the web service itself," VeriSign director of product marketing Anil Chakravarthy told ComputerWire. He said the offering will comprise both software and service components, like its existing public key infrastructure systems.
The software sounds rather similar to products already on the market from young companies including California's Reactivity Inc and Ireland's Vordel Ltd, both of which make firewall-like gateway systems that examine and secure XML traffic as it passes into and out of an enterprise network.
Check Point Software Technologies Ltd, a major firewall vendor, also has plans for SOAP security for its Firewall-1 product. The major application server platform vendors also have security components embedded in their systems.