BNET UK
silicon.com
ZDNet UK

Home
News
Blogs
Reviews
Videos
Jobs
Resources
Community

Leader
Comment
White Papers
Downloads
Special Reports

Hardware
Software
Communications
Internet
Security
IT Management
Emerging Tech
Leader

Group Blogs
News Blog
Post Room
Rupert's Diary

Hardware Reviews
Software Reviews
Editors' Choice
Buyer's Guides
Tech Guides
Competitions

Dialogue Box
Security threats
Server platforms
Mobile devices
Application development
Full video index

Articles
White Papers
Downloads
Companies
Broadband Speed Test

People
Competitions
Post Room
FAQ

You are here: ZDNet UK > News > Security

Security management Toolkit

Oasis group aims to simplify crypto-key management

Tags:
Oasis,
Key Management,
Encryption

Tom Espiner ZDNet.co.uk

Published: 07 May 2009 15:21 BST

Open-standards consortium Oasis has formed a group to devise a standard aimed at allowing encryption products to work easily with business applications and with each other.

Group members include IBM, Cisco, EMC, HP, PGP Corporation, Symantec and the US National Institute of Standards and Technology (NIST).

The Oasis group, called the Key Management Interoperability Protocol (KMIP) Technical Committee, will aim to define a single protocol for communication between encryption systems and enterprise applications, to cover such things as email, databases and storage devices. The companies participating in the new group submitted a key-management interoperability standard to Oasis in February.

Key-management interoperability is "vital" for businesses to be able to successfully implement encryption and protect data, according to Jamie Cowper, PGP's EMEA marketing manager.

"With the best will in the world, businesses are never going to be using a single encryption product, or a single company to provide that," Cowper told ZDNet UK on Thursday. "It's great to see key members of the security and encryption community working together and recognising the business need for key-management interoperability."

Key management is a problem for businesses, according to Cowper. As more documents are encrypted throughout an enterprise or shared with third parties, keys proliferate. Managing the administration of those keys until they are revoked is a problem that is exacerbated as companies grow, said Cowper.

"Encryption is really just a standard," said Cowper. "To strongly protect and decrypt in an automated way is the clever bit."

The Oasis KMIP group aims to provide a protocol that will enable interoperability of products throughout a key's lifecycle, which includes the generation, submission, retrieval and deletion of cryptographic keys. KMIP will support symmetric and asymmetric keys, digital certificates and other shared secrets.

Did you find this article useful?
1 out of 1 people found this useful

Share this article:
Digg
Slashdot
Del.ici.ous
Stumble
Reddit

In association with Network Liberation Movement

Company/Topic Alerts

Create a new alert from the list below:

IBM
Symantec
EMC
Encryption
Oasis

PGP
Cisco Systems
HP
Key management

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video

Install Flash Player plugin

Find out more: Microsoft exec outlines...

All videos
Most popular videos
Latest videos

Featured Talkback

It seems to me this is a burden being placed on the wrong shoulders. There is not an It system in the world that can stop an individual taking information in their heads and spewing out at the nearest undesirable third party.