OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

announce message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: [announce] OASIS Members Form Web Services Security Technical Committee


OASIS Members Form Web Services Security Technical Committee

WS-Security Specification to Be Advanced by BEA Systems, Blockade
Systems, Commerce One, divine, Documentum, Fujitsu, Intel, IBM, IONA,
Microsoft, Novell, Oblix, OpenNetwork, Perficient, SAP, SeeBeyond, Sonic
Software, Sun Microsystems, TIBCO, VeriSign, webMethods, XML Global, and
Other OASIS Members

Boston, MA, USA; 23 July 2002 -- The OASIS standards consortium has
organized a new technical committee to advance the WS-Security
specification. WS-Security provides a foundation for secure Web
services, laying the groundwork for higher-level facilities such as
federation, policy, and trust. Through the open OASIS process, providers
and users will come together to extend the functionality of WS-Security,
which was originally published by IBM, Microsoft, and Verisign.

The WS-Security specification defines a standard set of Simple Object
Access Protocol (SOAP) extensions, or message headers, that can be used
to implement integrity and confidentiality in Web services applications.

"WS-Security is one of the first Web services standards to support,
integrate and unify multiple security models, mechanisms and
technologies, allowing a variety of systems to interoperate in a
platform- and language-neutral manner," said Chris Kaler of Microsoft.
Kaler and Kelvin Lawrence of IBM serve as co-chairs of the OASIS Web
Services Security Technical Committee.

"Significant work is happening at OASIS in the areas of security and Web
services. We are excited by the overwhelming response from OASIS members
ready to collaborate on WS-Security," added Lawrence.

BEA Systems, Blockade Systems, Commerce One, divine, Documentum,
Fujitsu, Intel, IBM, IONA, Microsoft, Novell, Oblix, OpenNetwork,
Perficient, SAP, SeeBeyond, Sonic Software, Sun Microsystems, TIBCO,
VeriSign, webMethods, XML Global, and other OASIS members will
collaborate on advancing the WS-Security specification. The first
meeting of the technical committee will be held on 4-5 September 2002
and hosted by Sun Microsystems.

WS-Security joins several security standards currently being developed
within OASIS. Other specifications include SAML for authentication and
authorization, XACML for access control, XrML for rights management,
SPML for exchanging provisioning information, and XCBF for describing
biometrics data.

"WS-Security is complementary to our work on SAML," said Joe Pato of HP,
co-chair of the OASIS Security Services Technical Committee. "In fact,
our team intends to employ WS-Security to specify the use of SAML for
adding security features to SOAP messages."

Participation in the OASIS Web Services Security Technical Committee
remains open to all organizations and individuals. OASIS will host an
open mail list for public comment on WS-Security, and completed work
will be freely available to the public without licensing or other fees.
Information on joining OASIS can be found on
http://www.oasis-open.org/join.

About OASIS
OASIS (http://www.oasis-open.org) is a not-for-profit, global consortium
that drives the development, convergence and adoption of e-business
standards. Members themselves set the OASIS technical agenda, using a
lightweight, open process expressly designed to promote industry
consensus and unite disparate efforts. OASIS produces worldwide
standards for security, Web services, XML conformance, business
transactions, electronic publishing, topic maps and interoperability
within and between marketplaces. OASIS has more than 400 corporate and
individual members in 100 countries around the world.


For more information:
Carol Geyer
Director of Communications
OASIS (www.oasis-open.org)
carol.geyer@oasis-open.org
+1.978.667.5115 x209


Industry Support for WS-Security at OASIS

"An open security standard is critical to being able to deliver on the
promise of Web services, and as a long-standing member of OASIS, BEA is
a strong supporter of this effort," said Edward Cobb, VP of Architecture
and Standards, BEA Systems. "Secure interoperability of Web services is
an important goal for everyone in the industry, and BEA will actively
participate and help drive this critical work."

"Fujitsu welcomes the standardization of the Web Services Security
within OASIS. As a leading provider of Internet-focused information
technology solutions for the global marketplace, Fujitsu will commit to
contribute in the new OASIS Web Services Security Technical Committee,"
said Seigo Hirosue, General Manager, Project-A XML, Fujitsu Limited.
"Fujitsu's Interstage, the software platform for 'Collaborative Business
Integration,' will support the future standard to realize secure B2B
transactions.

"Web services standards are developing in a methodical, coordinated
fashion that will ensure you'll be able to mix-and-match technologies to
achieve your integration and business connection goals," said Bob Sutor,
Director of e-business Standards Strategy at IBM. "WS-Security is a
critical element of the Web services stack and an important step toward
creating the comprehensive set of security standards that will
accelerate the adoption of Web services by our customers and users
around the world."

"The creation of interoperable security standards is necessary to solve
the complex challenges facing customers who are integrating their
applications and systems across the extended enterprise. Ensuring the
security of these applications and systems is a key issue that must be
addressed before the widespread adoption of Web services," said Nand
Mulchandani, co-founder and CTO, Oblix.  "We are excited to be a charter
member of the OASIS Web Services Security Technical Committee, as we
have always been on the forefront of implementing Web services in our
enterprise identity management and Web access control solution, Oblix
NetPoint. Our experience in implementing this technology at numerous
enterprise customer sites will be a tremendous asset in assisting with
the development of this important specification."

"The unification of existing security models is a key business and
technology driver for widespread adoption of Web services technologies,"
said Andy Sweet, chief technology officer, Perficient, and OASIS
technical committee member. "By leveraging the existing work completed
by WS-Security, the OASIS Web Services Security Technical Committee will
be able to deliver security standards that will drive unification and
allow real interoperability between diverse enterprise systems.
Perficient looks forward to participating in this important effort."

"Global Web security standards are imperative for the future success of
widespread business-to-business integration, making WS-Security the
premier Web services standard supporting several security models a
necessity," said Alan Davies, vice president of Standards and Product
Strategy for SeeBeyond. "SeeBeyond embraces the unique opportunity to
work closely with the OASIS standards consortium, supporting the
customer adoption of global Web security standards and the delivery of
secure solutions to the market and our customers."

“Security has been one of the most critical barriers to Web services
adoption to date, and  Sonic Software is committed to developing
security standards for Web services,” said Greg O’Connor, president of
Sonic Software. “We are pleased to offer Sonic’s participation to the
Technical Committee.”

"We are encouraged to see Microsoft and IBM contributing their
specification under royalty free terms to OASIS, which is a recognized
industry standards body," said Bill Smith, Director of Liberty Alliance
Technology at Sun Microsystems. "Sun welcomes this submission because it
will now be possible for the community to evaluate and build upon this
technology out in the open. We hope to see all Web service
specifications made available under royalty free terms."

"WS Security is one of the first specifications that addresses the
critical need to embed trust and security into the fabric of the Web
services infrastructure,” said Dr. Phillip Hallam-Baker, Principal
Scientist, VeriSign. "Although protocols such as SOAP, UDDI and WSDL
have received broad industry support, the technologies and standards to
enable trusted Web services are still being developed. That’s why
organizations like OASIS are so important; they are going to play a
leading role in laying a trusted foundation for Web services.”

"Interoperable security is a key ingredient to making Enterprise Web
Services viable. As one of the original authors of XKMS and SAML,
webMethods has long been a thought leader in Web Services-related
security standards," said Andy Astor, vice president of Enterprise Web
Services for webMethods. "We're very pleased to be further developing
these standards as a participant in the OASIS Web Services Security
Technical Committee. We look forward to working closely with our
colleagues from the other participating companies."

"Secure Web services are essential for use in real world systems today,"
said John McAughtry, president of XML Global. "Our existing OASIS work
on ebXML messaging will contribute to this critical area of XML
development."

#  #  #












[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC