An XML device or application that provides security functions does not mean that the solution itself is secure. A secure XML hardware device requires a properly designed architecture, precise algorithm implementation, secure key storage, encrypted policy data, and a secure API. While most anyone could claim these features, independent certification with security agencies such as NIST and DoD provide the unbiased analysis of these security requirements.
The Podcast below discusses in detail why FIPS and DoD Certification are essential for XML security hardware such as XML Gateways, and the distinct advantages over non certified devices, including the following areas:
- XML device PKI private key compromise protection
- SSL ciphers and XML security
- Secure policy data storage
- X509 authentication with CRL and parent chain signature verification
- Physical hardware integrity
To view the podcast, click
here.