Twelve Companies Demonstrate Interoperability for OASIS KMIP and PKCS #11 Encryption and Cryptographic Token Interface Standards at RSA 2015

Share Article

Cryptosense, Cryptsoft, Dell, Feitian, Fornetix, HP, IBM, Oracle, P6R, Thales, Utimaco, and Vormetric Collaborate to Prove Multi-Vendor Interoperability

Demonstrating interoperability between enterprise key managers and HSMs, U2F tokens, OTP tokens, and storage appliances opens up the reality of choice for CIOs, CSOs and CTOs.

An RSA 2015 stand-out is the multi-vendor showcase hosted by the OASIS open standards consortium in which 12 vendors demonstrate their support for standards and interoperability between their products. The event spotlights two of the industry's most widely-adopted security standards--the OASIS Key Management Interoperability Protocol (KMIP) and the Public-Key Cryptography Standard (PKCS) #11.

"The OASIS 2015 interoperability demonstration is a small window into the large, expanding reality of market proven interoperability between enterprise key managers, cryptographic devices and range of storage, security and cloud products," said Tony Cox, OASIS KMIP Technical Committee Chair and Interoperability Event Lead. "Demonstrating interoperability between enterprise key managers and HSMs, U2F tokens, OTP tokens, and storage appliances opens up the reality of choice for CIOs, CSOs and CTOs. They can now choose the best-of-breed, vendor agnostic solutions that suit their organization's current and future requirements, secure in the knowledge that interoperability is not an unknown variable but a clearly defined constant."

KMIP Interop

KMIP enables true interoperable communication between key management clients and key management servers. The RSA demo shows clients from Cryptsoft, Fornetix, and P6R communicating with key management servers from Cryptsoft, Dell, Fornetix, HP, IBM, Thales, and Vormetric. The clients and servers demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between vendor systems. The Interop provides an excellent opportunity to see multiple versions KMIP in practice (1.0, 1.1, 1.2, and 1.3 are demonstrated), showing the value of KMIP as the standard for enterprise key management operations in multi-vendor environments.

PKCS #11 Interop

The PKCS#11 delivers an API for cryptographic token devices. The demonstration feature applications from Cryptosense, Cryptsoft, Feitian, Oracle, Utimaco, and Vormetric, and devices from Cryptsoft, Feitian, Oracle, and Utimaco. Vendor-independent storage of cryptographic information and performance of cryptographic functions are shown, including generating, finding and using cryptographic objects with combinations of one or more symmetric keys, asymmetric keys, or certificates between vendor systems. Here too, support for a range of PKCS11 versions are demonstrated, showing the value of PKCS #11 as the standard for interacting with cryptographic devices in multi-vendor environments.

The OASIS KMIP and PKCS #11 Interops are being held at RSA Conference 2015 in Booth 1921 from 20-24 April.

Support for KMIP and PKCS #11 Demos

Tim Hudson, Cryptsoft CTO: "As a major OEM technology supplier, Cryptsoft is aware that the OASIS KMIP and PKCS #11 standards are the preferred key management and cryptographic capa-bility foundations for enterprise data security implementations. Multiple significant changes in the enterprise security trust landscape has fueled further demand for interoperable open standards based solutions that facilitate management insight and control of data and cryptographic devices alike. Supplying OASIS conformant solutions helps ensure that these demands are met practically and securely without sacrificing interoperability."

Chuck White, Fornetix CTO: "We’re excited to demonstrate our KMIP Server and Client in-teroperability at the OASIS KMIP Interop RSA 2015. The KMIP specifications provide structure for objects, attributes and actions which align well with Fornetix’s implementation of policy and workflow automation in key lifecycle management. Participating as part of KMIP TC has been a great opportunity to work with industry at a time when the technology's application is exploding and the need for standards based approaches hasn't been greater."

Albert Biketi, HP Security, Atalla general manager: "HP is proud to be an original active member of the OASIS KMIP Technical Committee and continues to drive KMIP adoption with industry partnerships to benefit customers. HP Enterprise Secure Key Manager (ESKM), a certified KMIP-conformant server, assists HP customers with KMIP-enabled storage solutions to deploy a secure, reliable point of management for their business-critical encryption keys across their enterprise."

Rick Robinson, IBM Product Management, Encryption and Key Management: "IBM is proud to participate again in this year’s KMIP Interop. Development and adoption of standards, especially those pertaining to key management, are critical for our customer’s success. On behalf of our customers, IBM brings leadership in intelligence, integration and expertise to data protection through its contributing to and promotion of this global standard."

Markus Flierl, Oracle Solaris VP: "As cryptography is becoming an expected part of on premise and cloud deployments, we are excited by the benefits of enterprise key management interoperability to make enterprise administration easier and safer. We support the OASIS PKCS11 standard efforts and are excited about making your data more secure."

Richard Moulds, Thales e-Security VP strategy: "As a founding TC member and KMIP author, Thales e-Security is pleased to support industry-wide standards that make encryption easier to adopt. Our keyAuthority hardware appliance delivers high-performance and high-assurance for customers as they deploy new encryption applications that require centralized key management. However, as highlighted in this year’s Encryption and Key Management Trends report, sponsored by Thales, key management remains a major stumbling block for organizations. We look forward to showcasing keyAuthority with our industry peers dedicated to open standards and interoperability."

Derek Tumulak, Vormetric VP of product management: "KMIP and PCKS#11 are industry standards enabling organizations to adopt encryption and key management enterprise-wide. We’re happy to support these open standards as part of the Vormetric Data Security Platform. Our platform helps reduce enterprise cost with a single data security solution for protecting information in traditional database, application server, file server, Cloud, Big Data, and a number of third party environments through our support of open standards."

Additional information:

OASIS KMIP Technical Committee

OASIS PKCS 11 Technical Committee

About OASIS:
OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for security, cloud computing, Web services, the Smart Grid, content technologies, business transactions, emergency management, and other applications. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Carol Geyer
+1 (941) 284-0403
Email >
Follow >
Follow us on
Visit website