IBM Corp. is taking steps to bolster Web services security by adding new functions to its Web Services Toolkit for dynamic e-business – WSTK 3.1. The additions provide an implementation of simple object access protocol (SOAP) security token and digital signature components of the new WS-Security specification. WS-Security, co-developed by IBM, Microsoft Corp. and VeriSign Inc., is intended to help companies secure broadly interoperable Web services applications. SOAP is an extensible markup language – based industry protocol for accessing Web services in a platform – and language-independent manner.

With the SOAP security token, the message sender's properties, including name, identity, credentials and capabilities, are passed with SOAP messages, which help identify the message sender to the Web services provider. This modular technology is useful to Web services providers when they need to support users with different authentication mechanisms, Armonk, New York-based IBM says.

It also is designed to enable Web services providers to incorporate additional security features to their Web sites over time. The WSTK 3.1 functions are based on open specifications, including SOAP, Web services description language and universal description, discovery and integration.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access