Home > Products > Bloombase SOA

Bloombase SOA - Service Oriented Architecture Information Security

Overview | Business Benefits | Specifications | Resources

Technical Specifications


Bloombase SOA Security Server speaks for itself to solve all above problems at low cost and high return-on-investment.

Horizontally, the product has converging focus in XML, web services, enterprise application integration (EAI) and public key infrastructure (PKI) technologies including digital signing and verifying, encryption and decryption. Vertically, it solves business document exchange security problems amongst government, financial institutions, logistics and e-commerce bodies.

It is the fundamental and indispensable piece protecting e-commerce operations. it can be installed on generic hardware playing key roles in enterprise message interchange/integration and value-added service for corporate and governmental applications which require bullet-proof security with concern at application transparency.

Download Specifications

You need Adobe Acrobat Reader to read our digital product brochure.



  • OASIS Security Assertion Markup Language (SAML)
  • Web Services Security (WSS)
  • Electronic Data Interchange (EDI) security
  • Electronic Application Integration (EAI) security
  • Service Oriented Architecture (SOA) security
  • Visa 3-D Secure
  • Verified by Visa
  • MasterCard SecureCode
  • JCB International J/Secure
  • American Express SafeKey
  • Health Level Seven (HL7)
  • RosettaNet


  • W3C compliant enveloping, enveloped and detached XML signature generation and verification
  • W3C compliant XML encryption and decryption
  • PKCS#1 signature generation and verification
  • PKCS#5 password-based encryption and decryption
  • PKCS#7 signature generation and verification
  • S/MIME encryption/decryption and signature generation
  • PKCS#5 encryption/decryption
  • Adobe Portable Document Format (PDF) signature generation and verification, encryption and decryption
  • NIST FIPS-197 AES encryption and decryption
  • Japan NTT/Mitsubishi Electric Camellia encryption and decryption
  • Korean Data Encryption Standard (SEED) and ARIA block ciphers
  • Chinese National SCB2(SM1), SSF33, SSF28 encryption and decryption
  • NIST FIPS-46-3 3DES encryption and decryption
  • DES, RC4, RC2, CAST5 encryption and decryption
  • 512, 1024 and 2048 bit public key cryptography
  • RSA and DSA public key cryptography
  • SHA-1, MD5 and Chinese National SCH(SM3) hash generation

Key Management

  • Multiple certificate authority (CA) support
  • Hardware true random (optional) or software pseudo-random key generation, inquiry and deletion
  • Built-in certificate request and revocation check (CRL/OCSP)
  • X.509 and PKCS#12 DER and PEM Key Import and Export
  • Key Usage Profiling
  • RDBMS and Generic LDAP Support and Integration
  • Industry Standard PKCS#11
  • NIST FIPS-140-1 level 2 cryptographic module support (optional)
  • Automatic Certificate Retrieval via HTTP or LDAP
  • Certificate Validity Check
  • Certificate Revocation Check via HTTP or LDAP
  • Certificate Revocation List (CRL)
  • Certificate Revocation List Distribution Point (CRLDP)
  • Online Certificate Status Protocal (OCSP)
  • CRL scheduled download, caching and automatic retry
  • OCSP scheduled request, caching and automatic retry

Hardware Security Module Support

  • AEP Networks Keyper
  • Oracle Sun Crypto Accelerator
  • Sophos Utimaco SafeGuard CryptoServer
  • Thales nShield
  • HP Atalla
  • IBM 4758 Cryptographic CoProcessor
  • IBM eServer Cryptographic Accelerator
  • IBM Crypto Express2
  • IBM CP Assist for Cryptographic Function
  • Cavium NITROX XL
  • Other PKCS#11 compliant hardware security modules

XML Features

  • Encryption
  • Decryption
  • Enveloping, enveloped and detached XML signature generation and verification
  • Transforms
  • Canonicalization
  • Web Services
  • SOAP
  • XSLT/XML processing
  • XML schema validation
  • XPath

Non-XML Features

  • PKCS#1 cryptography and digital signature
  • PKCS#7 cryptography and digital signature
  • Adobe PDF digital signature

Standard Support and Certification

  • OASIS Key Management Interoperability Protocol (KMIP) support
  • NIST FIPS 140-2 compliant Bloombase Cryptographic Module


  • Web based menu driven
  • SSL protection
  • No learning curve
  • Central administration and configuration
  • User security


  • Web services
  • Plain socket
  • HTTP
  • Java HTTP tunneling
  • Java Remote Method Invocation (RMI)
  • Native language support: C, C++, Java

Portability, Scalability and Extensibility

  • Pluggable framework
  • Configurable business logic and workflow
  • User programmable

High Availability and Clustering

  • Stateless active-standby failover
  • Stateful active-standby failover
  • Stateless active-active round-robin load-balancing
  • Stateful active-active round-robin load-balancing

Network Management

  • SNMP (v1, v2c, v3)
  • syslog, log rotation and auto-archive
  • Heartbeat and keep-alive

Platform Support

  • Bloombase OS
  • Solaris
  • HP-UX
  • OpenVMS
  • z/OS
  • AS400
  • Linux
  • Microsoft Windows
  • Mac OS X
  • VMware (vSphere, ESXi, Server), Oracle VM, Sun VirtualBox, Citrix XenServer, Microsoft Virtual Server

Hardware Support

  • i386-base architecture
  • AMD 32 and 64 architecture
  • Intel Itanium-2 architecture
  • IBM Power6 architecture
  • PA-RISC architecture
  • UltraSPARC architecture

The specification and outlook of the model may vary and is for reference only

System Architecture

Bloombase SOA is built upon Bloombase Security Platform which is a proven security infrastructure with scalability, portability and extensibility design and implementation concerns

Secure Your Data Now

Protect your data with Bloombase transparent encryption.

Bloombase Demonstrations

See how Bloombase protects your digital assets.

Bloombase SupPortal

Get technical support from Bloombase Supportal and Knowledgebase.