[an error occurred while processing this directive] IBM Research - Zurich | News

Leading organizations unveil new interoperability specification for encryption key management to aid IT security, compliance and data recovery

IBM Researchers contribute in the effort to remove barriers to enterprise-wide encryption

Top story

English | Deutsch

Cambridge, UK, 12 February 2009—Brocade, HP, IBM, LSI, RSA – The Security Division of EMC, Seagate and Thales (formerly nCipher) today announced the creation of a jointly developed specification for enterprise key management that is engineered to dramatically simplify how companies encrypt and safeguard information. The companies—leaders in enterprise computing, storage, and security—developed the Key Management Interoperability Protocol (KMIP) in response to customers' needs to enable the widespread use of encryption. The companies intend to submit KMIP to OASIS (Organization for the Advancement of Structured Information Standards) for advancement through the organization's open standards process.

KMIP was developed by HP, IBM, RSA and Thales to meet the compelling needs of today's enterprise data center environments, with Brocade, LSI and Seagate joining the effort. All seven companies will now be devoting time and resources to OASIS for ongoing development.

According to IDC [1], 44 percent of enterprises plan to encrypt more than 75 percent of their data by 2009, and one of the top two issues related to deploying encryption is the ability to recover the data [2].

"The use of encryption is widely recognized as the best method for protecting valuable information and enabling compliance with industry and government regulations," says Charles Kolodgy, research director at IDC. "Time and time again, our research shows the primary barrier to the widespread use of encryption is the fear that encrypted data will be lost—slowing the adoption of encryption. Users are demanding strong key management systems and advancing this work through the open standards process offers tangible benefits for vendors, developers and enterprises alike."

Companies often deploy separate encryption and key management systems for different business uses, such as laptops, storage, databases and applications, and until now cumbersomeoften manualefforts were necessary to generate, distribute, vault, expire, and rotate encryption keys. This has resulted in increased costs for IT, difficulty meeting audit and compliance requirements, and lost data.

"The IT community is asking for open standards and interoperability to help meet the increasing demand for encryption," says Laurent Liscia, executive director of OASIS. "We applaud Brocade, HP, IBM, LSI, RSA, Seagate and Thales for choosing to advance KMIP through the open standards process, and we encourage others in the security communityboth users and providersto participate in the standardization of this very important work."

Developed by leading enterprise storage, systems and security vendors, KMIP is designed to provide a single, comprehensive protocol for communication between enterprise key management services and encryption systems. Brocade, HP, IBM, LSI, RSA, Seagate and Thales are committed to delivering KMIP-enabled solutions. By taking advantage of KMIP-enabled software and devices, companies will be able to cut operational costs and reduce risk by removing redundant, incompatible key management processes.

Streamlined key management is essential in a wide variety of data management processes. For example, the data recovery process requires locating encryption keys quickly even for tapes created weeks or months earlier. At the same time, this efficiency must not impact the security of keys or violate corporate policies regarding how keys are stored and distributed. KMIP enables vendors to address this need for enterprise-wide key management, providing customers with better data security and decreased expenditures on multiple key management products and operations.

KMIP is the first specification for enterprise key management that is ready for adoption. It was developed to support other industry standardization efforts and is complementary to application-specific standards projects such as IEEE 1619.3 (for storage needs) and OASIS EKMI (for XML needs).

About the Key Management Interoperability Protocol (KMIP)

The Key Management Interoperability Protocol (KMIP) enables key lifecycle management. KMIP can be used by both legacy and new encryption applications, supporting symmetric keys, asymmetric keys, digital certificates, and other "shared secrets". KMIP offers developers templates to simplify the development and use of KMIP-enabled applications.

KMIP defines the protocol for encryption client and key management server communication. Key lifecycle operations supported include generation, submission, retrieval, and deletion of cryptographic keys. Vendors intend to deliver KMIP-enabled encryption applications that support communication with compatible KMIP key management servers.

More information can be found at xml.coverpages.org/KMIP/.

[1] IDC, Data Protection Study: Data Encryption Option, Doc #207606, June 2007.
[2] IDC, IDC Encryption Usage Survey, Doc # 213646, August 2008.

About Brocade

Brocade® (Nasdaq: BRCD) develops extraordinary networking solutions that enable today's complex, data-intensive businesses to optimize information connectivity and maximize the business value of their data. For more information, visit www.brocade.com.

About EMC

EMC Corporation (NYSE: EMC) is the world's leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Information about EMC's products and services can be found at www.EMC.com.

About HP

HP, the world's largest technology company, simplifies the technology experience for consumers and businesses with a portfolio that spans printing, personal computing, software, services and IT infrastructure. More information about HP (NYSE: HPQ) is available at www.hp.com/.

About IBM

For more information, please visit www.ibm.com.

About LSI

LSI Corporation (NYSE: LSI) is a leading provider of innovative silicon, systems and software technologies that enable products, which seamlessly bring people, information and digital content together. The company offers a broad portfolio of capabilities and services including custom and standard product ICs, adapters, systems and software that are trusted by the world's best known brands to power leading solutions in the Storage and Networking markets. More information is available at www.lsi.com.

About RSA

RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycleno matter where it moves, who accesses it or how it is used. RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

About Seagate

Seagate is the worldwide leader in the design, manufacture and marketing of hard disk drives and storage solutions, providing products for a wide-range of applications, including Enterprise, Desktop, Mobile Computing, Consumer Electronics and Branded Solutions. Seagate’s business model leverages technology leadership and world-class manufacturing to deliver industry-leading innovation and quality to its global customers, with the goal of being the time-to-market leader in all markets in which it participates. The company is committed to providing award-winning products, customer support and reliability to meet the world’s growing demand for information storage.

Seagate can be found around the globe and at www.seagate.com.

For more information about Seagate's Self-Encrypting Drive security solutions, visit www.SEDSecuritySolutions.com.

About Thales

Thales is a leading international electronics and systems group, addressing defense, aerospace and security markets worldwide. Thales's leading-edge technology is supported by 22,000 R&D engineers who offer a capability unmatched in Europe to develop and deploy field-proven mission-critical information systems. To this end, the group's civil and military businesses develop in parallel and share a common base of technologies to serve a single objective: the security of people, property and nations. The group builds its growth on its unique multi-domestic strategy based on trusted partnerships with national customers and market players, while leveraging its global expertise to support local technology and industrial development. Thales employs 68,000 people in 50 countries with 2007 revenues of $19.1 billion. Thales in the U.S. includes over 3000 employees and 15 locations in 11 states. Thales U.S. order intake in 2008 ranked third globally among the company's key international operations.

Press contact

Nicole Strachowski
Media Relations
IBM Research - Zurich
Tel +41 44 724 84 45

[an error occurred while processing this directive]
[an error occurred while processing this directive]
[an error occurred while processing this directive]