Search This Blog

Wednesday, April 9, 2008

Intel Releases SOA Security Toolkit

Intel has introduced its SOA Security Toolkit as a release candidate.
Part of Intel's family of XML tools, the toolkit is a high-performance
software module that addresses the confidentiality needs of
services-oriented architectures (SOA) by providing XML digital
signatures, encryption, and decryption capabilities for SOAP protocol
messages. Enterprises adopting and deploying Service Oriented
Architecture (SOA) solutions rely on message formats defined in XML
(Extensible Markup Language). The extensibility, verbosity and
structured nature of XML create performance challenges for software
developers seeking to provide content security in this dynamic,
heterogeneous environment. The Intel SOA Security Toolkit is standards
compliant, for easy integration into existing XML processing environments
and is optimized to support the authentication, confidentiality and
integrity of complex and large-size XML documents. The Intel SOA Security
Toolkit 1.0 for Java environments is a high-performance policy-driven
API available for Linux and Windows. Compliant with WS-security 1.0/1.1
and SOAP 1.1/1.2 standards, the toolkit focuses on confidentiality,
integrity and non-repudiation for SOA environments. This toolkit enables
encryption and decryption of SOAP message data, digital signature and
verification via a wide range of security algorithms, using industry
standards, for both servers as well as application environments. The
toolkit lets users provide their own XML policy file as an input. Through
this policy file, users can specify for the API security policy engine
which key provider and trust manager to instantiate, using either a
custom or the default class loader implementation. The security policy
engine then applies the specified policy, obtaining the keys and
certificates through the specified key provider and perform the trust
check using the specified trust manager. The toolkit supports all types
of X509 certificates, private, and shared keys.

No comments: