Ultramatics works with IBM to defuse SOA security threat
Ultramatics has just announced SOA SafeGuard product, which is designed to shut one of the major SOA security holes – the opportunity to inject virus and other malware threats through XML file sharing.
This is good news for SOA implementers, but also introduces an interesting new stress point for IBM. Back in 2007 I was on a podcast where I identified the five SOA security traps, one of which was the XML problem. To summarize, most virus and other threat detection solutions look at the datastreams coming into the system and identify threat signatures that indicate the presence of some noxious code, but unfortunately they cannot see inside the XML wrapper, so to all intents and purposes the contents of any attached XML file are invisible. This offers the opportunity for malicious agencies to pop in some nasty code into the XML content and smuggle it through the security gates to the enterprise. Of course, it is not immediately obvious how this would help, in that getting this code executed might not be so easy, but hackers are smart….therefore it is best to close this exposure.
One way to close the window is simply to forbid any XML file sharing, but since industries such as healthcare now more or less rely on this to conform to industry standards and regulations, this is not really practical. The new Ultramatics product claims to be able to protect from these types of intruders. It runs on the IBM DataPower XI50 Integration Appliance, providing a hardware-based shield that can see into the XML files and weed out anything unpleasant. This solution will be very valuable to many SOA companies worried about security.
But there is something else interesting in the product details. The datasheet for the product says it can be used (in conjunction with IBM’s MQSeries) to:
Create a SOA ESB that can perform routing, transformation and protocol mediation functions
This is intriguing. Of course, the idea of an ESB appliance is not new, but the interesting point is that IBM is supplying this capability through the Ultramatics product…..I wonder if the other IBM ESBs, WebSphere ESB and WebSphere Message Broker, see this is encroachment?
Steve
Posted in Appliances, Business risk, enterprise service bus, esb, IBM, Imported, Security, SOA, Vendor news
Recent Comments
November 1, 2010 (8:36) CICS and PHP - DON'T PANIC It's great to see transactional support of any kind for a cloud language... be it PHP or not (whi...
July 16, 2010 (12:41) Does Micro Focus Server for SOA miss the point? I think Micro Focus has done a tremodeous introduction of Web Service from a COBOL. May not be a ...
June 15, 2010 (6:14) CICS and PHP - DON'T PANIC Hi Steve, Well, we don't actually *demand* that you host the PHP in regions separate to those ru...
April 3, 2010 (12:27) AMQP - Great idea, but it will never work As someone who has worked on DDS from an implementation perspective as well as an OMG standards p...
December 12, 2009 (9:15) Did Teilhard's JuxtaComm patent wipe out IBM, Microsoft and SAP? Subsequent to my post, the Calgary Herald ran an article (http://www.calgaryherald.com/business/P...
December 10, 2009 (9:01) AMQP - Great idea, but it will never work Now, this is a late reply! @Thorlin. I looked at DDS before embarking on AMQP (I also looked a...
December 7, 2009 (2:40) Come in Texas East District Court, your time is up The important thing to remember about patents is that they're all about the claims. While the bu...
October 27, 2009 (9:08) BAM vs BI Good article. Thanks, Emil
October 23, 2009 (11:04) So Oracle got Sun - but why? Oracle has stepped up the rhetoric when it comes to its plans for Sun. In a message to Sun custom...
September 16, 2009 (1:15) IBM gets Cognos to fill the gaps IBM has two BAM solutions now Cognos Now! and Websphere Business Monitor. Why two BAM solutions f...