Interoperability with eTrust further enhances DataPower's AAA framework for multimodal authentication and fine-grained authorization of SOAP requests. The technical integration was streamlined by the agility of the XS40 device; the ongoing technical relationship between the two companies; CA's new WSDM 3.1 Observer Development Kit; and CA's openness and support for key Web services standards such as SAML, XACML, and WSDM.

CA's eTrust Identity and Access Management Suite is a complete, standards-based solution for automating and integrating identity and access management across enterprise, customer and partner environments. CA's WSDM is a comprehensive solution for managing Web services across services-oriented architectures. It is the first solution to support ad-hoc XML, CORBA, EDI and other types of SOA in addition to Web services.

Instead of URL-based or connection-level access control, fine-grained authorization allows the XS40 to interrogate every individual SOAP/XML transaction and determine whether it should be allowed through based on payload contents, security policy, and identity information. For example, a purchase order that is: (i) over $500 (ii) digitally signed by the CFO's certificate (iii) targeted for vendor X (iv) sent before 5pm may be allowed through, while one immediately following it would be rejected. SAML, WS-Security, and XACML are key emerging standards for implementing this kind of fine-grained access control in an open, cross-platform environment which joints a variety of policy enforcement points (such as the DataPower XS40 Gateway) and central policy repositories.

For more information, see www.datapower.com.