Welcome!

Containers Expo Blog Authors: Yeshim Deniz, Pat Romanski, Elizabeth White, Liz McMillan, Ravi Rajamiyer

News Feed Item

Key Management Interoperability Protocol (KMIP) 1.1 and KMIP Profiles 1.1 Become OASIS Standards

The OASIS international open standards consortium announced the approval of version 1.1 of the Key Management Interoperability Protocol (KMIP) Specification and KMIP Profiles. KMIP enables interoperable communication between cryptographic environments and key managers, reducing the operational, training, and infrastructure costs for key management in the enterprise. KMIP 1.1 and the related KMIP Profiles 1.1 are now official OASIS Standards, a status that signifies the highest level of ratification.

“The beauty of KMIP is that it delivers a single protocol that any cryptographic environment—tape drives, application encryption software development kits, database encryption applications—can use to talk to any key manager,” explained Robert Griffin of RSA, the security division of EMC, co-chair of the OASIS KMIP Technical Committee. “That means developers need to learn just one set of tools, and changes in key management strategy can be put in place without having to retrofit applications. The savings are tremendous.”

In addition to the main specification, KMIP Profiles define functionality sets that address specific scenarios (such as vaulting keys created within a storage environment). KMIP Profiles also define the authentication that must be used to ensure message confidentiality and integrity.

“It’s exciting to see how far we’ve come since we began work on KMIP in 2009,” said Subhash Sankuratripati of NetApp, who also co-chairs the OASIS KMIP Technical Committee. The group now includes representatives of more than 32 vendors and end user organizations from around the world. “KMIP is widely regarded as the key management interoperability solution, and version 1.1 has already been implemented in an array of products.”

Many of those products will be on display at the RSA Conference 2013 in San Francisco, 25-27 February 2013. Cryptsoft, Hewlett-Packard, IBM, QuintessenceLabs, Thales e-Security, Townsend Security, and Vormetric will demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between the vendors’ systems. The demonstration builds on the substantial interoperability testing that was conducted throughout the development of KMIP 1.1.

KMIP 1.1 is offered for implementation on a royalty-free basis. Companies, non-profit groups, governments, academic institutions, and individuals are welcome to participate in the OASIS KMIP Technical Committee, which is currently working on version 1.2 of the specification. As with all OASIS projects, archives of the KMIP Technical Committee’s work are accessible to both members and non-members, and OASIS hosts an open mail list for public comment.

Support for KMIP 1.1

Cryptsoft
“As a co-editor and key contributor to KMIP 1.1, Cryptsoft is committed to providing our OEM partners and customers with innovative, standards-based technologies and as such are pleased to support v1.1 of the OASIS KMIP specification. Building on the solid foundation of KMIP v1.0, version 1.1 of the specification further addresses the full spectrum of enterprise key management requirements across physical, virtual and cloud-based deployments.”
-- Tim Hudson, Chief Security Architect, Cryptsoft

HP
“As the foundation of data protection and governance, strong cryptography and key management controls are critical elements in any enterprise encryption strategy. With the approval of KMIP 1.1, organizations can more effectively apply encryption to protect sensitive data while reducing the costs associated with managing keys across the enterprise. HP recognizes the significance of this milestone and looks forward to continued partnership with OASIS in promoting industry consensus for global security and compliance.”
-- Frank Mong, VP & General Manager of Solutions, HP Enterprise Security

IBM
“Our clients are demanding open, interoperable solutions for securing their cloud environments. Through our collaboration with the other members of the KMIP Technical Committee, and by offering support for this important revision of the KMIP standard in our currently shipping offerings, IBM is working hard to deliver on our clients requirements.”
--Todd Moore, IBM Director for Interoperability and Partnerships, IBM

Thales e-Security
“This announcement is a great step forward on the road to making enterprise key management a reality. KMIP 1.1 allows organizations to develop a key management strategy that is independent of the numerous uses of encryption across their enterprise. As an originator of the KMIP standard, Thales is pleased to actively contribute to the OASIS Technical Committee and promote the KMIP standard worldwide.”
-- Bob Lockhart, Chief Solutions Architect Key Management, Thales e-Security

Vormetric
“KMIP is widely recognized as the leading industry standard protocol for key management between an encryption client and a key management server. This standard is seeing rapid industry adoption, and we are delighted to be demonstrating our support for OASIS KMIP at RSA Conference.”
-- Ashvin Kamaraju, VP of Product Development, Vormetric

Additional information:

OASIS KMIP Technical Committee:
http://www.oasis-open.org/committees/kmip/

KMIP 1.1 OASIS Standard:
https://www.oasis-open.org/standards#kmipspecv1.1

About OASIS:
OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for security, Cloud computing, business transactions, Web services, Smart Grid, content management, and other applications. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries: http://www.oasis-open.org.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER gives detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPOalso offers sp...
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...