Swirling around the security open standards discussions at The Burton Group Corp.'s Catalyst conference 2002 on Monday in San Francisco, new products are turning the spotlight on the importance of remote policy management and wireless network security.
Incorporating ID management software into WLAN (wireless LAN) environments for secure wireless access, Waveset Technologies Inc. and Funk Software Inc. announced a technology integration partnership at Catalyst on Monday. As part of the deal, Waveset will embed its Lighthouse product into Cambridge, Mass.-based Funk's Steel-Belted Radius and Odyssey servers for management of user access privileges and authentication of remote users to 802.11 WLANs, said Kevin Cunningham, vice president of marketing at Austin, Texas-based Waveset.
"Wireless networks are proliferating, and the way they're growing is very much in an ad hoc fashion," Cunningham said. "We're looking for the islands of ID management [within a wireless network], and [we're] extending our centralized approach to management across them."
Funk's Odyssey server authenticates WLAN users against a local Windows 2000 Native Domain or NT domain authentication database or, through Steel-Belted Radius, against a central enterprise, according to Cunningham.
Adding a services twist to the dilemma of securing a growing remote work force with customizable group rules, SmartPipes Inc. introduced its new remote policy management software at the conference on Monday. Currently available, the automation software suite can be licensed as a Web service for integration with back-end systems via XML for enterprise customers or through service providers as a fully managed VPN offering, said Ray Bell, CTO and founder of Redwood Shores, Calif.-based SmartPipes.
During the first day at Catalyst, the Liberty Alliance stole the spotlight by releasing the first phase of its specification that will construct a federated network ID system for Web services and e-commerce .
Vendor backing for the Liberty Alliance remains strong, as evidenced by the addition of new players such as secure messaging vendor Critical Path Inc., which announced its membership at Catalyst.
Waveset's Cunningham said he was encouraged to see a great deal of vendor and attendee effort directed toward tackling the thorny issue of standards, particularly with regard to Web services security.
"This is one of the few times I've seen standards being talked about upfront. Standards are not an option here. The cart has to come before the horse this time," Cunningham said.
Joining a large contingency of security players pledging support for SAML (Secure Access Markup Language) 1.0 in future product releases, CrossLogix announced at the conference its beefed-up CrossLogix3 entitlement authorization platform, which will be available next month.
CrossLogix3's enhanced entitlement features provide support for authorizing Web services access and J2EE (Java 2 Enterprise Edition) application servers, including adapter integration with third-party SSO (single-sign-on) providers that adhere to SAML to retrieve authenticated user credentials, Ken Schroeder, CEO of Redwood Shores, Calif.-based CrossLogix Inc., said in a statement.
CrossLogix3 also provides bolstered policy analysis and auditing functions across applications. All access requests are logged in XML format and centralized in an "audit journal" for query via reporting tools, Schroeder added.
In other Catalyst news, PricewaterhouseCoopers and Burton announced a licensing agreement that grants the systems integrator giant and its clients exclusive rights to Burton's Reference Architecture for Directory and Security Strategies service. The service includes research reports, methodologies, best practices, documents, and other materials to augment PwC's ID management security initiative, according to company officials.