
	Home > SOA Tips > XML Developer > Try XML security hardware

SOA Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

XML DEVELOPER

Try XML security hardware

Ed Tittel
10.22.2003
Rating: --- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

XML Developer Tip
(Receive this column in your inbox,
click Edit your Profile to subscribe.)

Try XML security hardware
Ed Tittel

In some of my previous XML tips, I've talked about various XML security related vocabularies and markup languages, including support for X.509 Certificates, security assertions (SAML), encryption, messaging, authentication, digital signature, and more. In other XML tips, I've talked about how some vendors are pushing XML processing into hardware so that Web sites can handle higher volumes of incoming and internal XML traffic more effectively and efficiently. I suppose I should have therefore seen the emergence of a veritable raft of XML security devices in the marketplace. Well, it's here!

In the past 6 months, dozens of special-purpose XML security processing appliances and devices have become available to application or service providers who want to use this advanced technology. Such boxes help avoid the performance hits that sometimes accompany the use of XML markup, and those that are also typical of the extra processing and data handling required when heightened security is needed as well.

The primary notion that drives this phenomenon is that individual communication channels between clients (typically using Web browsers, but other applications can use the same techniques) and servers (again, typically Web servers) must be secured and managed. Such devices help to ensure that client identity may be proven, and secure links established to permit confidential data exchange (the U.S. Government's XML site has great slides on this topic). This makes sense for routine transactions like credit card or other purchases online, but is also useful for all kinds of official, signed, or confidential information exchanges.

One prevailing notion behind devoting special-purpose hardware to handle XML security is that it separates security from general applications development. In effect, it permits an extra layer of security to be interposed between what's inside and outside an organization without requiring changes to existing code. It also helps avoid the complexities and risks inherent in retrofitting older applications with newer code. And, as I've already indicated, it offers the highest level of performance available when security is added to applications and services. For everything from legacy applications to developers who want or need application security but may not have time or resources to build it in themselves, the security device approach appears to offer a workable solution—but at a sometimes hefty price (many of these devices cost from tens to hundreds of thousands of dollars, depending on features, functions, and level of performance needed).

That said, here's a short alphabetical list of some of the many companies that offer XML security hardware products:

If you prefer to roll their own XML security implementations, IBM alphaworks and Phaos XML are the pre-eminent purveyors of development suites for that purpose. But in that case, hardware speeds and easy add-on benefits won't apply with serious additional time and effort invested during the development process.

About the Author

Ed Tittel is a VP of Content Development & Delivery at CapStar LLC, an e-learning company based in Princeton, NJ. Ed runs a small team of content developers and project managers in Austin, TX, and writes regularly on XML and related vocabularies and applications. E-mail Ed at etittel@lanw.com.

For More Information:

Looking for free research? Browse our comprehensive White Papers section by topic, author or keyword.

Are you tired of technospeak? The Web Services Advisor column uses plain talk and avoids the hype.

For insightful opinion and commentary from today's industry leaders, read our Guest Commentary columns.

Hey Codeheads! Start benefiting from these time-saving XML Developer Tips and .NET Developer Tips.
Visit our huge Best Web Links for Web Services collection for the freshest editor-selected resources.

Visit Ask the Experts for answers to your Web services, SOAP, WSDL, XML, .NET, Java and EAI questions.

Choking on the alphabet soup of industry acronyms? Visit our helpful Glossary for the latest industry lingo.

Couldn't attend one of our Webcasts? Don't miss out. Visit our archive to watch at your own convenience.

Discuss this article, voice your opinion or talk with your peers in the SearchWebServices Discussion Forums.

Rate this Tip
To rate tips, you must be a member of SearchSOA.com. Register now to start rating these tips. Log in if you are already a member.
Submit a Tip

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	XML Developer
	Use the soapUI software tool to tame WSDL
	WSDL 2.0, new messaging for Web services
	Using RELAX NG For data integration
	Efficient XML Interchange tackles data verbosity
	XML to DDL imports, synchronizes database schemata
	The basics of MathML 3.0
	Migrating to XSLT 2.0
	What's up with XML 2.0?
	Say hello to XPath 2.0
	Podcasting software covers many bases

XML and XML schema

What's the future of XML?

SOA pattern of the week (#7): policy centralization

Try XML-based Extensible Business Reporting Language (XBRL) for accounting reports

What's new at the W3C

Ganymede: Modeling tools target SOA, UML

Data services mashups emerge for SOA

Making sense of data services mashups

XML turns 10

SOA helps save 100-year-old business

Oracle maps heterogeneous data services strategy for SOA

XML

National Weather Service policy supports XML

XML and democracy at work: The Election Markup Language (EML)

For interesting interface access, check out Xamlon

Royalty-free, revolutionary UBL

Altova strikes again with MapForce 2005

Beating the RSS crunch with aggregation/bloglines

Voice, speech, SIP, and XML: ECMA-269

Microsoft Baseline Security Analyzer and XML

An open source, native XML database: dbXML 2.0

Second-generation XML security preview: SAML

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

class diagram (SearchSOA.com)

Fast Infoset (FI) (SearchSOA.com)

GeoRSS (SearchSOA.com)

Keyhole Markup Language (SearchSOA.com)

RELAX NG (SearchSOA.com)

state diagram (SearchSOA.com)

Universal Business Language (SearchSOA.com)

Vector Markup Language (SearchSOA.com)

XML infoset (SearchSOA.com)

XML pipeline (SearchSOA.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

SOA Trends and Strategy - SOA Education, SOA Development, SOA Implementations

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2001 - 2009, TechTarget \| Read our Privacy Policy