RSA Security Inc. has begun shipping its software development kit (SDK), RSA BSAFE SecurXML-C, allowing developers to add digital signatures using XML (Extensible Markup Language) technology to Web services, the Bedford, Massachusetts, company announced Tuesday.
The SDK can help developers secure the authenticity and integrity of a Web services message without having to posses extensive knowledge of cryptographic science and security practices, formatting standards and specialized Web services security protocols, RSA Security said. The product is aimed at developers writing Web service applications for Microsoft Corp,'s Windows, including 2000 and XP, and Unix environments such as HP-UX and Red Hat Inc.'s Linux.
The RSA SDK includes all the cryptographic and certificate functions required for building XML digital signature-compliant applications at the point of creation, the company said. The tool kit features detached, enveloping, and enveloped XML digital signatures and verifying XML digital signatures to ensure the authenticity and integrity of signed data, RSA Security said.
RSA BSAFE SecurXML-C software can also play a role in developing secure applications for federated identity management, such as the Liberty Alliance Project, by signing SAML (Security Assertions Markup Language) assertions, therefore providing single sign-on capabilities, the company said. SAML, which is scheduled to be accepted by the OASIS (Organization for the Advancement of Structured Information Standards) consortium by the end of November, is designed to deliver interoperability between compliant Web access management and security products.