Computerworld
Home News Blogs In Depth ReviewsWhite Papers Newsletters IT Jobs

resource center


Ads by TechWords

See your link here

Newsletter Sign-Up

Receive the latest technology news and information.
Application/Web Development
Web Site Management
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Q&A: VeriSign's Phillip Hallam-Baker on Web services security

By Carol Sliwa
August 30, 2002 12:00 PM ET
Recommended
(4)
Digg
Share/Email

Computerworld - BOSTON -- IT professionals should wait for the Web Services Security specification to be finalized and implemented before they start building sophisticated Web services that extend beyond their company's firewalls, according to the specification's co-author.
Phillip Hallam-Baker, principal scientist at Mountain View, Calif.-based VeriSign Inc., said it could take between six months and two years to nail down the WS-Security specification that he helped to write. Hallam-Baker spoke with Computerworld's Carol Sliwa about the state of Web services security during this week's XML Web Services One Conference here.
The WS-Security specification was announced in April by IBM, Microsoft Corp. and VeriSign and was turned over to the Organization for the Advancement of Structured Information Standards (OASIS). A technical committee working to advance WS-Security will hold its first face-to-face meeting next week.
Hallam-Baker was also senior author of the XML Key Management Specification (XKMS), and he served as editor of the Security Assertion Markup Language core schema and protocol specification. Here's what he had to say.

Phillip Hallam-Baker, principal scientist at VeriSign Inc.
Phillip Hallam-Baker, principal scientist at VeriSign Inc.
Q: Web services have been talked about for a while now, but clear and concise definitions are tough to come by. How do you define Web services?
A: Phase 1 of the Web was the human interacting with computer. And that's how we defined it at CERN. All the time we were thinking about human users talking to machines. We did do some work on machine-to-machine, but that was not what HTTP was optimized for.
What Web services are about is machine-to-machine communication. The base technology is XML and XML schema. If we want to narrow it to what types of Web service specifications are you going to be most interested in supporting -- obviously SOAP [Simple Object Access Protocol], WS-Security, XKMS.

Q: You said that users can build basic Web services today. When do you predict they'll be able to develop more sophisticated Web services?
A: I would look at it saying, first of all, don't look at Web services. Look at functionality. ... Look at the applications that meet that functionality. If there is a standard out there already and it's fine, then use it. If there isn't and you're looking to form some sort of group to build that type of functionality, then the platform to look at is Web services, because it's definitely where you'll get more programmer support, the most platform vendor support and all that great stuff.

Q: What events will need to happen for IT professionals to be able to start thinking about doing more sophisticated Web services that traverse firewalls?
A: Well,
Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints


Jump to comments

Web Site Management

Additional Resources

Microsoft
DirectAccess and UAG: Better Together
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Microsoft
Case Study: Energy Firm Tightens Protection, Simplifies IT Work
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
NEXT-GENERATION MOBILITY PLATFORMS
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

Enabling Business and IT Integration: ITIL v3 and Compuware Vantage
Download it today!  

Data in Action: Making the Planet Smarter
Register Now

Compuware Vantage 11: Performance-driven Service Model, Unified Performance Analysis Tie Application Problems to Business Impact
Download this new white paper!  

Hosted Security Services: Why it make budget and security sense in today's economy
Watch Now

End-user experience monitoring: The missing link for web-site performance
Download this white paper today!  

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Case Study: Live Nation and Citrix NetScaler
When Live Nation spun off from Clear Channel Communications it urgently needed to consolidate nearly 100 different Web sites.  

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Oracle Accelerate - Not Just Smart but Timely
Download Now!  

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

All White Papers | All Webcasts

Computerworld Reports

Sold on SOA

Computerworld Technology Briefing: More than Business Value

Computerworld Briefing: Staffing for Intelligence

All Computerworld Reports

IT Jobs

 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.