Click here to close now.

Welcome!

Websphere Authors: Pat Romanski, Carmen Gonzalez, Elizabeth White, Baruch Sadogursky, Yeshim Deniz

News Feed Item

Key Management Interoperability Protocol (KMIP) 1.1 and KMIP Profiles 1.1 Become OASIS Standards

The OASIS international open standards consortium announced the approval of version 1.1 of the Key Management Interoperability Protocol (KMIP) Specification and KMIP Profiles. KMIP enables interoperable communication between cryptographic environments and key managers, reducing the operational, training, and infrastructure costs for key management in the enterprise. KMIP 1.1 and the related KMIP Profiles 1.1 are now official OASIS Standards, a status that signifies the highest level of ratification.

“The beauty of KMIP is that it delivers a single protocol that any cryptographic environment—tape drives, application encryption software development kits, database encryption applications—can use to talk to any key manager,” explained Robert Griffin of RSA, the security division of EMC, co-chair of the OASIS KMIP Technical Committee. “That means developers need to learn just one set of tools, and changes in key management strategy can be put in place without having to retrofit applications. The savings are tremendous.”

In addition to the main specification, KMIP Profiles define functionality sets that address specific scenarios (such as vaulting keys created within a storage environment). KMIP Profiles also define the authentication that must be used to ensure message confidentiality and integrity.

“It’s exciting to see how far we’ve come since we began work on KMIP in 2009,” said Subhash Sankuratripati of NetApp, who also co-chairs the OASIS KMIP Technical Committee. The group now includes representatives of more than 32 vendors and end user organizations from around the world. “KMIP is widely regarded as the key management interoperability solution, and version 1.1 has already been implemented in an array of products.”

Many of those products will be on display at the RSA Conference 2013 in San Francisco, 25-27 February 2013. Cryptsoft, Hewlett-Packard, IBM, QuintessenceLabs, Thales e-Security, Townsend Security, and Vormetric will demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between the vendors’ systems. The demonstration builds on the substantial interoperability testing that was conducted throughout the development of KMIP 1.1.

KMIP 1.1 is offered for implementation on a royalty-free basis. Companies, non-profit groups, governments, academic institutions, and individuals are welcome to participate in the OASIS KMIP Technical Committee, which is currently working on version 1.2 of the specification. As with all OASIS projects, archives of the KMIP Technical Committee’s work are accessible to both members and non-members, and OASIS hosts an open mail list for public comment.

Support for KMIP 1.1

Cryptsoft
“As a co-editor and key contributor to KMIP 1.1, Cryptsoft is committed to providing our OEM partners and customers with innovative, standards-based technologies and as such are pleased to support v1.1 of the OASIS KMIP specification. Building on the solid foundation of KMIP v1.0, version 1.1 of the specification further addresses the full spectrum of enterprise key management requirements across physical, virtual and cloud-based deployments.”
-- Tim Hudson, Chief Security Architect, Cryptsoft

HP
“As the foundation of data protection and governance, strong cryptography and key management controls are critical elements in any enterprise encryption strategy. With the approval of KMIP 1.1, organizations can more effectively apply encryption to protect sensitive data while reducing the costs associated with managing keys across the enterprise. HP recognizes the significance of this milestone and looks forward to continued partnership with OASIS in promoting industry consensus for global security and compliance.”
-- Frank Mong, VP & General Manager of Solutions, HP Enterprise Security

IBM
“Our clients are demanding open, interoperable solutions for securing their cloud environments. Through our collaboration with the other members of the KMIP Technical Committee, and by offering support for this important revision of the KMIP standard in our currently shipping offerings, IBM is working hard to deliver on our clients requirements.”
--Todd Moore, IBM Director for Interoperability and Partnerships, IBM

Thales e-Security
“This announcement is a great step forward on the road to making enterprise key management a reality. KMIP 1.1 allows organizations to develop a key management strategy that is independent of the numerous uses of encryption across their enterprise. As an originator of the KMIP standard, Thales is pleased to actively contribute to the OASIS Technical Committee and promote the KMIP standard worldwide.”
-- Bob Lockhart, Chief Solutions Architect Key Management, Thales e-Security

Vormetric
“KMIP is widely recognized as the leading industry standard protocol for key management between an encryption client and a key management server. This standard is seeing rapid industry adoption, and we are delighted to be demonstrating our support for OASIS KMIP at RSA Conference.”
-- Ashvin Kamaraju, VP of Product Development, Vormetric

Additional information:

OASIS KMIP Technical Committee:
http://www.oasis-open.org/committees/kmip/

KMIP 1.1 OASIS Standard:
https://www.oasis-open.org/standards#kmipspecv1.1

About OASIS:
OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for security, Cloud computing, business transactions, Web services, Smart Grid, content management, and other applications. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries: http://www.oasis-open.org.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo – to be held June 9-11, 2015, at the Javits Center in New York City, NY – is now accepting Hackathon proposals. Hackathon sponsorship benefits include general brand exposure and increasing engagement with the developer ecosystem. At Cloud Expo 2014 Silicon Valley, IBM held the Bluemix Developer Playground on November 5 and ElasticBox held the DevOps Hackathon on November 6. Both events took place on the expo floor. The Bluemix Developer Playground, for developers of all levels, highlighted the ease of use of...
We’re no longer looking to the future for the IoT wave. It’s no longer a distant dream but a reality that has arrived. It’s now time to make sure the industry is in alignment to meet the IoT growing pains – cooperate and collaborate as well as innovate. In his session at @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, will examine the key ingredients to IoT success and identify solutions to challenges the industry is facing. The deep industry expertise behind this presentation will provide attendees with a leading edge view of rapidly emerging IoT oppor...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective storage designed to handle the massive surge in back-end data in a world where timely analytics is e...
We certainly live in interesting technological times. And no more interesting than the current competing IoT standards for connectivity. Various standards bodies, approaches, and ecosystems are vying for mindshare and positioning for a competitive edge. It is clear that when the dust settles, we will have new protocols, evolved protocols, that will change the way we interact with devices and infrastructure. We will also have evolved web protocols, like HTTP/2, that will be changing the very core of our infrastructures. At the same time, we have old approaches made new again like micro-services...
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the industry’s first all flash version of HyperConverged Appliances that include both compute and storag...
For years, we’ve relied too heavily on individual network functions or simplistic cloud controllers. However, they are no longer enough for today’s modern cloud data center. Businesses need a comprehensive platform architecture in order to deliver a complete networking suite for IoT environment based on OpenStack. In his session at @ThingsExpo, Dhiraj Sehgal from PLUMgrid will discuss what a holistic networking solution should really entail, and how to build a complete platform that is scalable, secure, agile and automated.
The industrial software market has treated data with the mentality of “collect everything now, worry about how to use it later.” We now find ourselves buried in data, with the pervasive connectivity of the (Industrial) Internet of Things only piling on more numbers. There’s too much data and not enough information. In his session at @ThingsExpo, Bob Gates, Global Marketing Director, GE’s Intelligent Platforms business, to discuss how realizing the power of IoT, software developers are now focused on understanding how industrial data can create intelligence for industrial operations. Imagine ...
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS solutions that provide a Hadoop flavor either make choices for customers very flexible in the name of opti...
In the consumer IoT, everything is new, and the IT world of bits and bytes holds sway. But industrial and commercial realms encompass operational technology (OT) that has been around for 25 or 50 years. This grittier, pre-IP, more hands-on world has much to gain from Industrial IoT (IIoT) applications and principles. But adding sensors and wireless connectivity won’t work in environments that demand unwavering reliability and performance. In his session at @ThingsExpo, Ron Sege, CEO of Echelon, will discuss how as enterprise IT embraces other IoT-related technology trends, enterprises with i...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
Wearable devices have come of age. The primary applications of wearables so far have been "the Quantified Self" or the tracking of one's fitness and health status. We propose the evolution of wearables into social and emotional communication devices. Our BE(tm) sensor uses light to visualize the skin conductance response. Our sensors are very inexpensive and can be massively distributed to audiences or groups of any size, in order to gauge reactions to performances, video, or any kind of presentation. In her session at @ThingsExpo, Jocelyn Scheirer, CEO & Founder of Bionolux, will discuss ho...
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impact.
Every day we read jaw-dropping stats on the explosion of data. We allocate significant resources to harness and better understand it. We build businesses around it. But we’ve only just begun. For big payoffs in Big Data, CIOs are turning to cognitive computing. Cognitive computing’s ability to securely extract insights, understand natural language, and get smarter each time it’s used is the next, logical step for Big Data.
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will want to use their existing identities, but these will have credentials already that are (hopefully) i...
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series data. By focusing on enterprise applications and the data center, he will use OpenTSDB as an example t...
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.