Feeds

Sun wades into key management kerfuffle

Encryption standards soup thickens

5 things you didn’t know about cloud backup

Sun has thrown its open source key management ideas into the key management standards giant brandy glass, offering license-free management that it hopes will become an industry standard.

The generic idea everyone is agreed upon is that encrypting devices using keys should be able to interoperate with any key management system using a standard protocol. Suppliers can then compete with their own encrypting devices and key management products, either proprietary or, as in Sun's case, open source.

There appear to be two main efforts devoted to producing standard protocol to link encrypting devices and key managers: The IEEE 1619.3 committee, said to be focussed on storage-related encryption, and the OASIS Enterprise Key Management Infrastructure (EKMI) technical committee.

There is a third initiative from the Trusted Computing Group devoted to self-encrypting devices and their key management. The TCG says its work is unique and complementary to the OASIS and IEEE efforts.

On February 12 several vendors said they were forming an OASIS Key Management Interface Protocol (KMIP) technical committee, saying that their supported KMIP is ready for adoption and supports a broader set of use cases than both the EMKI set and IEEE 1619.3.

Now Sun has released its own open source KMIP, downloadable from here, and packaged as part of its Open Storage initiative. It says its protocol "is available to customers using the Sun StorageTek KMS 2.0 Key Manager and StorageTek T9840D, T10000A, T10000B tape drives, as well as Sun's HP LTO4 drives shipped in Sun libraries.

"A number of additional partners are developing products based on this protocol, including EMC, whose RSA security division has talked about releasing it as an option on their RKM Key Manager."

IBM's tape drive division is working on supporting this protocol for its LTO4 drive shipped in Sun Libraries. Sun has also shared this protocol with numerous other industry partners including computer OEMs, back up application providers, disk array and switch manufacturers. That doesn't mean anything more than that they've agreed to look at it, though.

This is where the OASIS/Sun intersection gets fun. The OASIS KMIP group constitute EMC, IBM, HP and Thales with Brocade, LSI, NetApp and Seagate joining in too. No Sun though. Sun says it will work with the IEEE 1619.3 group and OASIS "to further develop and formalize the interface as an industry standard".

Sun's statement doesn't say it will actually support the OASIS KMIP effort so we might assume that, nothwithstanding EMC and IBM support of Sun to the extent described above, any OASIS KMIP-compliant key managers and encrypting devices will not necessarily work with Sun KMIP-compliant encrypting devices and key managers. It's enough to make you weep AES-256-encrypted tears. ®

The essential guide to IT transformation

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?