HP, IBM push new OASIS encryption key standard
A group of industry vendors, led by IBM, Hewlett-Packard and EMC, is proposing a new standard to make their encryption management software work together.
Called the Key Management Interoperability Protocol (KMIP), the standard is being proposed through OASIS (Organization for the Advancement of Structured Information Standards), the consortium best known for its development of Web-services standards.
On Thursday, OASIS is expected to announce that it has created a KMIP Technology Committee to produce the final specification for the standard. The committee will meet for the first time on April 24, but KMIP has been quietly under development for more than a year. It is also supported by Brocade, LSI, Seagate and Thales.
Backers see it as one way to replace the hodgepodge of different encryption-key management products out there. Today, IT staff must use different key management systems to control who gets access to different parts of the network. One system might be used for e-mail encryption, a second for storage and a third for the database. "The scope of the standard is very broad," said Mark Schiller, a director with HP's Security Office. "It will work for just about any type of device you can imagine."
KMIP's backers say their standard will be "complementary" to existing key management standards such as the storage-focused IEEE 1619.3 and the OASIS EKMI XML standard.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
ibm
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
