“The approach Microsoft is taking is to use a centralized system that can be accessed via Web Services. This single trusted source would control all the important steps in the DRM process. In essence, it would be an end-to-end, closed-loop system as exists in a number of major DRM products from companies such as those that used to be produced by InterTrust,” Schmelzer said. “In this DRM environment the system has to package rights, encrypt the content, put it in a central repository, provide means for activation on the receiving end, issue licenses, and provide a way to inform the rendering application (Adobe, RealPlayer, etc.) about the terms of the license such as number of times to view, rights to print, and expiration. This monolithic model for DRM, while secure and doable, presents a number of hurdles to the adoption of this important piece of functionality that can enable trustworthy computing going forward.

Read more at: Internetnews.com

• The market for XML content lifecycle solutions is expected to grow from $1.8 Billion in 2003 to over $11.6 Billion by 2008.
• Producers of content in the enterprise spend over 60% of their time locating, formatting, and structuring content and just 40% of their time actually creating it.
• By 2008, about 60% of all content lifecycle products will be XML-enabled.
• the primary challenge in the enterprise for producers of content — information that is intended for human consumption — is content reuse: the ability to integrate content from disparate sources.
• Efforts to improve content processes have been slowed by efforts to extract and manipulate content from multiple, disparate data sources.

Table of Contents:

• I. Report Scope
• II. The Growth and Management of Content in the Enterprise
  • 2.1. Sources and Growth of Content in the Enterprise
  • 2.2. The Content Management Challenge
  • 2.3. The Evolution of the Content Management System (CMS)
  • 2.4. Markup Languages and Content
• III. The Content Lifecycle
  • 3.1. Content Creation
  • 3.2. The Content Repository
  • 3.3. Content Management
  • 3.4. Content Publishing and Distribution
  • 3.5. Content Syndication
  • 3.6. Content Protection
• IV. XML-Enabling the Content Lifecycle
  • 4.1. Is XML Necessary for Improving the Content Lifecycle?
  • 4.2. Content Creation: XML-based Authoring and Conversion
  • 4.3. Content Repository: Native XML Storage and Search
  • 4.4. Content Management: XML-based Content Componentization
  • 4.5. Content Publishing and Distribution
  • 4.6. Content Syndication: XML Standards and Products
  • 4.7. Content Protection: XML-powered DRM
• V. The ROI of XML-enabling the Content Lifecycle
  • 5.1. Cost Savings: Content Reuse
  • 5.2. Cost Savings: Efficient Content Search
  • 5.3. Revenue Enhancing: Enabling Content Syndication
  • 5.4. Cost Savings: Integrating Islands of Content
• VI. Challenges in Implementing an XML-enabled Content Lifecycle
  • 6.1. Metadata-encoding Content is Difficult
  • 6.2. XML May Not be Suitable as a Long-term Archival Format
• VII. The Service-Oriented Vision of Content
  • 7.1. Shifting away from a Publish-oriented Mentality
  • 7.2. Content as Services: Service-Oriented Content
  • 7.3. Content Lifecycle Functionality as Services
• VIII. Market for XML-enabled Content Lifecycle Products
  • 8.1. Market Sizing and Growth
  • 8.2. Vendor Market Segmentation and Positioning
  • 8.3. The Future of Content Management Systems
• IX. Conclusions
  • 9.1. Key Notes
  • 9.2. Decision Points
  • 9.3. Figures
  • 9.4. Tables
• X. Profiled Vendors
  • 10.1. Content Creation
  • 10.2. Content Repository
  • 10.3. Content Management
  • 10.4. Content Publishing / Distribution
  • 10.5. Content Syndication
  • 10.6. Content Protection
• Related Research
• Trademark Notice and Statement of Opinion
• About ZapThink, LLC

Download File

By rearchitecting content representation technologies to treat content as another asset in the corporate IT infrastructure, businesses can realize the benefits long promised to us by reusable and agile content. But first, we need to move from ad-hoc content creation to content componentization, and then to content services. XML and Web Services are the key to this transition that can help organizations maximize the value of their content.Download File

• The next roadblock on the path to Web Services adoption is security. Security is today’s key enabler for Web Services.
• The XML and Web Services security market will reach $4.4 billion in 2006, which will represent 65% of the total authentication, authorization, and administration security market. This growth represents an average compound annual growth rate of 300%.
• Web Services offer great potential for B2B communication and integration, but the lack of robust security and manageability solutions currently inhibit the ability for companies to conduct business with each other via Web Services over the Internet.
• The combination of adequate funding, solid business models, seasoned management teams, and high quality engineering staff leads some startups to offer surprisingly robust XML and Web Services security solutions.
• The best positioned companies to be profitable in the XML and Web Services security space are those companies that already have deep technical knowledge of application level security technologies, coupled with a solid customer base.
• There will be a spike in demand for Web Services security solutions within the next 12 months.
• Web Services will not play a major role in transactional environments in 2002-2003.
• The 2003 timeframe won’t see many multiple-company B2B Web Services, because companies will choose to implement B2B Web Services on a point-to-point basis.
• Existing 3A security vendors will incorporate XML and Web Services into their product lines, so by 2006, most 3A security products will support or provide XML and/or Web Services security.
• This report must be placed into the context of an overall security strategy. Simply securing all of a company’s Web Services alone can only provide a false sense of security.
• Enterprises must institute policies that apply to their entire enterprise network (including participants invited from outside), and administer that security in a hierarchical fashion.
• Next-generation firewalls must be capable of looking at the content of XML streams, and the security mechanisms for such data must be part of that content.
• Companies planning on using Web Services across the firewall will necessarily have to resolve the resulting security issues first.

Table of Contents:

• I. Report Scope
• II. Context for Security in the Web Services Model
  • 2.1 The ZapThink Web Services Roadmap
  • 2.2 Security: The Key Enabler for Web Services
  • 2.3 Context: Security Products & Services
  • 2.4 Context: Web Services Management and Infrastructure Products
  • 2.5 Context: Global Identity Services
  • 2.6 Context: Digital Rights Management Technologies
  • 2.7 Context: Directory Servers
• III. Technology Landscape
  • 3.1 XML security and the shift to Service-oriented computing
  • 3.2 Principles of Application Security
    • 3.2.1 Application level security requirements
    • 3.2.2 Authentication
    • 3.2.3 Authorization and Access Control
    • 3.2.4 Confidentiality
    • 3.2.5 Data Integrity
    • 3.2.6 Non-Repudiation
  • 3.3 IT Security Precursors
    • 3.3.1 Encryption and Decryption
    • 3.3.2 Symmetric-Key Encryption
    • 3.3.3 Public-Key Encryption
    • 3.3.4 Digital Signatures
    • 3.3.5 Digital certificates
    • 3.3.6 Authentication with certificates
    • 3.3.7 How CA Certificates Establish Trust
    • 3.3.8 Managing Certificates
    • 3.3.9 Kerberos
    • 3.3.10 Using HTTP
    • 3.3.11 Secure Sockets Layer (SSL)
  • 3.4 XML Security Efforts
    • 3.4.1 XML Signature
    • 3.4.2 XML Encryption
  • 3.5 Web Services Security Efforts
    • 3.5.1 SAML
    • 3.5.2 XACML
    • 3.5.3 XKMS
    • 3.5.4 X-KRSS
    • 3.5.5 X-KISS
    • 3.5.6 WS-Security
• IV. Conclusions
  • 4.1 Key Notes
  • 4.2 Decision Points
  • 4.3 Figures
  • 4.4 Tables
• V. Vendor Profiles
  • 5.1 Web Services Security Platforms
  • 5.2 Secure Integration Vendors
  • 5.3 Global Trust Services
  • 5.4 Identity Management/Authorization/Single Sign-On Vendors
  • 5.5 Access & Policy Management Vendors
  • 5.6 Software XML Firewalls
  • 5.7 PKI Vendors
  • 5.8 Enterprise Security Services
• A. Related Research
• B. Supporting Resources
• C. Trademark Notice and Statement of Opinion
• About ZapThink, LLC

Download File

• The next roadblock on the path to Web Services adoption is security. Security is today’s key enabler for Web Services.
• The XML and Web Services security market will reach $4.4 billion in 2006, which will represent 65% of the total authentication, authorization, and administration security market. This growth represents an average compound annual growth rate of 300%.
• Web Services offer great potential for B2B communication and integration, but the lack of robust security and manageability solutions currently inhibit the ability for companies to conduct business with each other via Web Services over the Internet.
• The combination of adequate funding, solid business models, seasoned management teams, and high quality engineering staff leads some startups to offer surprisingly robust XML and Web Services security solutions.
• The best positioned companies to be profitable in the XML and Web Services security space are those companies that already have deep technical knowledge of application level security technologies, coupled with a solid customer base.
• There will be a spike in demand for Web Services security solutions within the next 12 months.
• Web Services will not play a major role in transactional environments in 2002-2003.
• The 2003 timeframe won’t see many multiple-company B2B Web Services, because companies will choose to implement B2B Web Services on a point-to-point basis.
• Existing 3A security vendors will incorporate XML and Web Services into their product lines, so by 2006, most 3A security products will support or provide XML and/or Web Services security.
• This report must be placed into the context of an overall security strategy. Simply securing all of a company’s Web Services alone can only provide a false sense of security.
• Enterprises must institute policies that apply to their entire enterprise network (including participants invited from outside), and administer that security in a hierarchical fashion.
• Next-generation firewalls must be capable of looking at the content of XML streams, and the security mechanisms for such data must be part of that content.
• Companies planning on using Web Services across the firewall will necessarily have to resolve the resulting security issues first.

Table of Contents:

• I. Report Scope
• II. Context for Security in the Web Services Model
  • 2.1 The ZapThink Web Services Roadmap
  • 2.2 Security: The Key Enabler for Web Services
  • 2.3 Context: Security Products & Services
  • 2.4 Context: Web Services Management and Infrastructure Products
  • 2.5 Context: Global Identity Services
  • 2.6 Context: Digital Rights Management Technologies
  • 2.7 Context: Directory Servers
• III. Technology Landscape
  • 3.1 XML security and the shift to Service-oriented computing
  • 3.2 Principles of Application Security
    • 3.2.1 Application level security requirements
    • 3.2.2 Authentication
    • 3.2.3 Authorization and Access Control
    • 3.2.4 Confidentiality
    • 3.2.5 Data Integrity
    • 3.2.6 Non-Repudiation
  • 3.3 IT Security Precursors
    • 3.3.1 Encryption and Decryption
    • 3.3.2 Symmetric-Key Encryption
    • 3.3.3 Public-Key Encryption
    • 3.3.4 Digital Signatures
    • 3.3.5 Digital certificates
    • 3.3.6 Authentication with certificates
    • 3.3.7 How CA Certificates Establish Trust
    • 3.3.8 Managing Certificates
    • 3.3.9 Kerberos
    • 3.3.10 Using HTTP
    • 3.3.11 Secure Sockets Layer (SSL)
  • 3.4 XML Security Efforts
    • 3.4.1 XML Signature
    • 3.4.2 XML Encryption
  • 3.5 Web Services Security Efforts
    • 3.5.1 SAML
    • 3.5.2 XACML
    • 3.5.3 XKMS
    • 3.5.4 X-KRSS
    • 3.5.5 X-KISS
    • 3.5.6 WS-Security
• IV. Market Segmentation
  • 4.1 Web Services Security Platforms
  • 4.2 Web Services Infrastructure Management Vendors
  • 4.3 Secure Integration/EAI Vendors
  • 4.4 Global Trust Services
  • 4.5 Identity Management/Authorization/Single Sign-On Vendors
  • 4.6 Access & Policy Management Vendors
  • 4.7 PKI Vendors
  • 4.8 Web Services Security Toolkit Vendors
  • 4.9 Software XML Firewalls
  • 4.10 Private Web Services Network Providers
  • 4.11 Enterprise Security Services
  • 4.12 Security Service Providers
• V. Current State of the Market
  • 5.1 Approaches to the Market
    • 5.1.1 Focused technology startups
    • 5.1.2 Established Web Services vendors
    • 5.1.3 Larger public vendors
  • 5.2 Customer perspective
• VI. Business & Technology Trends
  • 6.1 Long Term Trends: Relationship to the 3A Security Market
  • 6.2 Long term trends: relationship to Web Services market
  • 6.3 Inhibitors to the Growth of the XML and Web Services Security Market
• VII. Conclusions
  • 7.1 Key Notes
  • 7.2 Decision Points
  • 7.3 Figures
  • 7.4 Tables
• VIII. Vendor Profiles
  • 8.1 Web Services Security Platforms
  • 8.2 Secure Integration Vendors
  • 8.3 Global Trust Services
  • 8.4 Identity Management/Authorization/Single Sign-On Vendors
  • 8.5 Access & Policy Management Vendors
  • 8.6 Software XML Firewalls
  • 8.7 PKI Vendors
  • 8.8 Enterprise Security Services
• A. Related Research
• B. Supporting Resources
• C. Trademark Notice and Statement of Opinion
• About ZapThink, LLC

Download File

Read more at: UNIX Insider (IDG.net)

Read more at: UNIX Insider (IDG.net)