IBM gets ready for SOAs

IBM on Thursday  is announcing its support of key industry standards for Web services security for its WebSphere and Tivoli server applications that will better enable those products to fully embrace service oriented architectures (SOAs).

Big Blue is betting big on SOAs being widely adopted over the next few years as corporate users search for ways to efficiently and cost-effectively tie existing heterogeneous hardware and software platforms together. Thursday's announcements are another step following several others earlier this year designed to help users get ready to move to the new architecture.

"What is driving in interest in (SOAs) are the incredibly heterogeneous environments users have to support. Either through mergers and acquisitions or new software they themselves produce, they will have a patchwork of hardware and software they use to get their most important work done. And the best way to get efficiencies out of such an environment is to make it look more homogenous," said Bob Sutor, director of IBM's WebSphere software in Somers, N.Y.

Typically within an SOA environment, business processes can be exchanged as interchangeable tasks or including Web services, Java adopters, and older application programming interfaces (APIs) like Corba. This would allow a bank, for instance, to use the same computing services infrastructure to take care of account transfer requests coming from tellers, ATMs or a Web-based application. This can help eliminate the need for multiple applications that can be expensive to maintain, IBM executives said.

To help this effort along, IBM executives said they will support the WS-Security roadmap and standards for expressing identity information including the Security Assertion Markup Language (SAML) and Kerberos. SAML enables authentication, authorization and identity information that can be exchanged among companies and their trading partners. IBM will also support Kerberos, a popular Windows network authentication protocol that enables users to sign onto a Windows desktop system and automatically access a range of applications using just their Web browser.

IBM plans to add native support for Kerberos within WebSphere, a company spokesman said.

"These announcements are aimed to tie together the picture of Tivoli and WebSphere being linked arm and arm as we advance the underlying security management. We want to show what you can do through middleware and security policies, and then how you build these applications on the Websphere platform," Sutor said.

Corporate IT shops will be able to use IBM's federated identity software to create a single, uniform way to set parameters for allowing access to Web applications, or packaged software including CRM and ERP applications, and legacy systems running high-volume transactions, such as CICS.

IBM plans to deliver by year's end a new version of WebSphere that will debut security enhancements through an upcoming version of Tivoli Access Manager (V5.1). These improvements will provide Web single sign-on capabilities to access portals, applications and back-end systems, a company spokesman said.

IBM also said it will build in features to its upcoming WebSphere Business Integration and WebSphere MQ products that will enable IBM mainframes to improve their network performance by defining security policies for a select group of Web or legacy applications. This capability will be available by year's end.

IBM officials also announced they will expand WebSphere's Web services support for software protecting sensitive personal financial data in outsourced Web-based Java applications including 401Ks and Human resources applications.