Enterprise Key Management Infrastructure
After two decades of securing the perimeter, companies are now recognizing that it is an insufficient deterrent to attackers of information systems infrastructure. As more breaches are disclosed and as IT-related losses continue to.rise, encryption of sensitive data across the enterprise is viewed as a necessity. Yet, the diverse nature of IT infrastructures makes it difficult to build and operate a cohesive encryption key-management strategy that balances security goals with costs.
The Organization for the Advancement of Structured Information Systems (OASIS) has created a Technical Committee — the Enterprise Key Management Infrastructure (EKMI) Technical committee (TC) — to address this challenge. While EKMI focuses on Public Key Infrastructure (PKI) and Symmetric Key Management Systems (SKMS), the TC is currently focused on SKMS-related activities. Participants on the TC are defining a platform-independent protocol to allow applications to request symmetric key-management services from an SKMS implementation, implementation, operations and audit guidelines for an SKMS and an interoperability test-suite for the protocol.
This paper describes the characteristics of an EKMI — more specifically, that of an SKMS — and how enterprises can take advantage of this protocol to protect sensitive information across the enterprise.
KeywordsTechnical Committee Trust Platform Module Domain Name Service Multiple Encryption Java2 Enterprise Edition
Unable to display preview. Download preview PDF.