HP, IBM push new OASIS encryption key standard
A group of industry vendors, led by IBM, Hewlett-Packard and EMC, is proposing a new standard to make their encryption management software work together.
Called the Key Management Interoperability Protocol (KMIP), the standard is being proposed through OASIS (Organization for the Advancement of Structured Information Standards), the consortium best known for its development of Web-services standards.
On Thursday, OASIS is expected to announce that it has created a KMIP Technology Committee to produce the final specification for the standard. The committee will meet for the first time on April 24, but KMIP has been quietly under development for more than a year. It is also supported by Brocade, LSI, Seagate and Thales.
Backers see it as one way to replace the hodgepodge of different encryption-key management products out there. Today, IT staff must use different key management systems to control who gets access to different parts of the network. One system might be used for e-mail encryption, a second for storage and a third for the database. "The scope of the standard is very broad," said Mark Schiller, a director with HP's Security Office. "It will work for just about any type of device you can imagine."
KMIP's backers say their standard will be "complementary" to existing key management standards such as the storage-focused IEEE 1619.3 and the OASIS EKMI XML standard.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
ibm
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.













