Enterprise Key Management with OASIS KMIP RSA Conference
- Slides: 14
Enterprise Key Management with OASIS KMIP RSA Conference 2018
What does KMIP do? Security Applications or Appliances Key Material & Metadata Transport KMIP Key Management Server § Create, Register, Locate and Retrieve Encryption Keys & Security Objects § Supports Symmetric Keys, Asymmetric Keys, Certificates, etc. § Much more than just add, modify & delete § Many extended services: Encrypt, Decrypt, Signing, Split-Keys etc. § Rich metadata for essential cryptographic management
KMIP 2018 RSA Interop Demonstration
KMIP RSA 2018 Test Results • 9 KMIP TC members • 17 implementations • 8 Client Implementations • • 9 Server Implementations Over 33, 000 successful test runs 72 Test combinations 4 encodings
KMIP Deployed in Solutions
KMIP Deployed by Organizations
KMIP Specification Development Enterprise Requirements Specification Development Product Deployment Specification Testing
KMIP and HP HPE 8 Micro Focus § Originator and supporter of KMIP development since 2009 § One of 4 founders authoring the original draft 0. 1 spec § 8 years participation in the annual OASIS KMIP interop § Implemented KMIP across entire HPE Storage portfolio § Largest enterprise deployments of KMIP clients/servers
Micro Focus Security § Enterprise Secure Key Manager § § Atalla AT 1000 Payments HSM § 9 Key management for enterprise servers, storage, apps FIPS Level 3, highest PIN processing performance § Voltage § Arc. Sight § Fortify § Net. IQ
Enterprise Secure Key Manager High-assurance key protection for encryption applications ▪ OASIS KMIP Server • Centrally manage enterprise keys • Reliably separate keys from data • Automate and simplify operations ▪ Integrates large IT ecosystems • Full range of storage, server and software clients • KMIP standard qualified partners ▪ Features at a Glance • Trusted: FIPS 140 -2 validated and CC certified • Reliable: 1 U redundant hardware • Available: active-active 8 -node clustering • Scalable: largest enterprise and geographic deployments • Interoperable: industry-standard KMIP versions 1. 0 – 1. 4, 2. 0 10
Enterprise Secure Key Manager Security & business continuity with market-leading interoperability HPE Pro. Liant Servers with built in Secure Encryption HPE 3 PAR Store. Serv (Disk and All-Flash Array) Partner SDKs KMIP Clients Connected MX 11 HPE Store. Ever Tape Libraries Enterprise Secure Key Manager x 8 Openstack Barbican Back. Box Virtual tape HPE Store. Once Backup HPE XP 7 High End Storage Non. Stop Servers
OASIS KMIP standard: Open interoperability for partners ESKM leads in compliance for application interoperability Store. Safe virtual appliance Network proxy-based solution Storage solutions BACKBOX for Non. Stop Virtual Tape Controller Filer Systems (NSE Appliances) SDKs Enterprise Secure Key Manager x 8 SDKs VSP and HUS High-end storage systems Openstack Barbican 12 Database VM Encryption and v. San Data at Rest Encryption Big Data / No. SQL Encryption
ESKM KMIP Partner Program 13 § Open to all vendors/organizations supporting KMIP § ESKM KMIP test server access, joint solution qualification § No other costs or fees § Benefits § Mutual interoperability certification and support § Customer integration/installation guide § Joint co-branded solution brief § Ongoing new release test access
14