Introducing the XML Security Server
Today, Vordel released VordelDirector, which is an XML Security Server. So what's an XML Security Server? An XML Security Server allows security for XML messages to be deployed as a service. Its architecture allows enterprise-wide security policies for XML traffic to be managed centrally, while enforcement is distributed across the network, whereever XML is being processed. The security enforcement is provided through pre-built security agents which plug into common XML and Web Services platforms, through APIs, and of course through Web Services. Whereas an XML Gateway sits in-line and filters XML traffic in one single location, an XML Security Server manages security rules across multiple network tiers and boundaries. An XML Security Server can support sophisticated identity federation scenarios, including Liberty/SAML and WS-Trust, as well as transactions, by passing security tokens inside XML messages.
An XML Security Server interfaces with IDM infrastructure such as directories, AAA access control, and trust services. It can be used as an “adjunct processor” that offloads XML security processing from an application server, for example allowing XML security processing to be performed on a device optimized for performance and for private key protection.
An XML Security Server is particularly suitable for a Services Oriented Architecture, where many applications are exchanging XML with other applications, with no single "choke point" where an XML Gateway could be placed. The “Security As a Service” model also caters for the “deperimiterization” effect: due to wireless LANs, VPNs, and the widespread use of SSL for encryption, many organizations no longer have a single network access point where they can enforce firewall rules.
In the current Enterprise Architect magazile, I've written a "Whiteboard" article describing how an XML Security Server is used, with a deployment diagram - the article is at: http://www.ftponline.com/ea/magazine/spring/departments/whiteboard/Default.aspx
VordelDirector is a compliment to our existing XML Gateway product, VordelSecure.
|
|
