New Protocol Definition For Encryption Key Management Developed

Cryptography Key (wiki)

A new specification for enterprise key management – the first of its kind – for the purpose of information security and data encryption has been developed by a clutch of leading companies in the IT domain. Called KMIP – short for “Key Management Interoperability Protocol” -, the specs are being submitted to the Organization for the Advancement of Structured Information Standards (OASIS) so that the protocol becomes acceptable industry-wide and begins to be put into good use.

The companies involved in developing KMIP from the initial conception stage are: HP, IBM, RSA and Thales, with Brocade, LSI and Seagate joining the effort at a later date.

People wanting to go in for data encryption suffer from the biggest fear: what if, after the data is encrypted, they forget how to decrypt it? What if, after locking the door to the treasure, you throw away the key and discover you yourself cannot now open the door? Up until now, therefore, companies have come up with convoluted and cumbersome solutions to handle this problem – and the solutions are as diverse as there are business uses, so you have one solution for laptops, another for storage, yet another for databases and quite another for applications. Keys, after generation had to be distributed, then vaulted, and then expired and rotated. The KMIP is expected to simultaneously simplify this process and introduce open standards into the domain.

The KMIP is complementary to application-specific standards projects such as IEEE 1619.3 and OASIS EKMI.

Read more about latest development in information security and data encryption, here.