SAN FRANCISCO--()--Support for two of the most widely adopted security standards from the OASIS international consortium are showcased at the RSA Conference in Booth 3012 this week. The Key Management Interoperability Protocol (KMIP) and the eXtensible Access Control Markup Language (XACML) OASIS Standards are being featured in two separate demonstrations involving fourteen companies. These organizations provide solutions that offer implementers a range of products backed by the assurance of interoperability over time.
“We are delighted to be demonstrating interoperable key management in the OASIS booth at RSA Conference. KMIP is gaining rapid adoption as the industry standard protocol for key management between an encryption client and a key management server, and Vormetric is pleased to take part in this interoperability effort.”
KMIP Interop
Interoperable communication between key management clients and key management servers is the focus of the KMIP demonstration. Clients from Cryptsoft, IBM, Quintessence Labs, and Thales e-Security communicate with key management servers from Cryptsoft, HP, IBM, Quintessence Labs, Thales e-Security, Townsend Security and Vormetric. Together, the clients and servers demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between vendor systems. Support for multiple versions of KMIP is being demonstrated, including the new KMIP 1.1 OASIS Standard, as well as KMIP 1.0 and KMIP 1.2 (currently under development).
XACML Interop
The XACML demonstration shows how access control can be managed in large-scale environments where resources are distributed and policy administration is federated. Axiomatics, Boeing, Dell, Forgerock, NextLabs, Oracle, and ViewDS show implementations of the XACML Intellectual Property Control, Export Control-US, JSON and REST Profiles. These profiles enable organizations to control the usage and distribution of data according to resource properties such as Copyright, Trademark, Proprietary, Export Control Classifications, and licensing authorities, while using the latest communication protocols across various platforms and applications. During the showcase, resource attributes are obtained directly from metadata in the data objects themselves and travel with the data objects.
Support for KMIP Interop
Cryptsoft
“OASIS KMIP delivers--2010 saw KMIP products in
development, 2011 brought products from the early adopters, 2012 showed
us deployed interoperability via KMIP was a reality, and in 2013 we’re
now seeing widespread industry adoption. As one of the most widely used
OEM suppliers of KMIP technology, Cryptsoft is committed to enabling
industry adoption of KMIP. Our SDKs and adaptors enable our clients to
both embrace KMIP and support existing non-KMIP solutions.”
-- Tim
Hudson, Chief Security Architect
Thales e-Security
“Participants in the OASIS
interoperability booth are demonstrating their commitment to the KMIP
standard, and Thales is delighted to showcase keyAuthority, its own high
assurance key manager. These types of events give customers confidence
to develop their own key management strategies and act as a catalyst for
the enterprise key management market.”
-- Bob Lockhart, Chief
Solutions Architect Key Management, Thales e-Security
Vormetric
"We are delighted to be demonstrating
interoperable key management in the OASIS booth at RSA Conference. KMIP
is gaining rapid adoption as the industry standard protocol for key
management between an encryption client and a key management server, and
Vormetric is pleased to take part in this interoperability effort."
--
Ashvin Kamaraju, VP of Product Development, Vormetric
Support for XACML Interop
Axiomatics
“As Axiomatics provides editorial support for
XACML 3.0, we’re very happy to see OASIS organizing this interop to
demonstrate some of the latest features of XACML 3.0 including the new
JSON and REST profiles. The JSON and REST profiles will make
XACML-driven authorization available to a broader developer audience
that prefer lighter weight encoding and transport formats.”
--
Gerry Gebel, President Axiomatics Americas
Boeing
“Protecting intellectual property and properly
authorizing access to export-controlled data are key concerns for
enterprise computing security organizations. Our EC-US and IPC profiles
provide standardized attribute names/values for creating access control
policies. Utilization of metadata as resource attributes affords
enhanced mechanisms for IP protection and export control enforcement.
Our product, CIPHER, scans files and tags them with EC-US and IPC
metadata, which can then be evaluated by XACML PDPs at runtime.”
--
John Tolbert, Security Strategist, The Boeing Company
Oracle
“Oracle’s Cloud, Enterprise Applications and Oracle
Fusion Middleware technologies rely on Oracle Entitlements Server, our
XACML-based authorization solution, making it easier to manage identity
in today’s social, mobile and cloud environments. Oracle’s complete
platform approach to identity management is entirely standards-based. We
are committed to open standards and interoperability because we believe
it is the only scalable and sustainable approach to identity.”
--
Marc Boroditsky, vice president of Identity Management, Oracle
Additional information:
OASIS KMIP Technical Committee
http://www.oasis-open.org/committees/kmip/
OASIS XACML Technical Committee
http://www.oasis-open.org/committees/xacml/
About OASIS:
OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for security, cloud computing, Web services, the Smart Grid, content technologies, business transactions, emergency management, and other applications. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries.
Facebook
Twitter
LinkedIn
Delicious
Reddit
StumbleUpon
Digg
MySpace
Newsvine
Google Bookmark
Yahoo! Bookmark
Email
Email 
