SNIA KMIP Test Program Announced; Meets Demand for Encryption Key Management Conformance Testing
KMIP Test Program Validates Standard and Supporting Computing Solutions
San Francisco, CA (February 24, 2014) — The Storage Security Industry Forum (SSIF), a special interest community within the Storage Networking Industry Association (SNIA), today announced the official launch of the Key Management Interoperability Protocol (KMIP) Test Program. The KMIP Test Program and its test suites and protocols provide for conformance testing based on KMIP usage profiles and interoperable, secure solutions. The KMIP Specification is defined by OASIS (The Organization for the Advancement of Structured Information Standards) and test profiles are established by its KMIP Technical Committee.
“SNIA is delighted to collaborate with OASIS on this important industry activity,” commented David Dale, SNIA’s Chairman of the Board. “SNIA has a strong history of conformance testing. At our Technology Center in Colorado Springs we have the experienced resources, practiced processes, and secure physical testing environment to support conformance test programs. For the KMIP program we added a relationship with Cryptsoft for the use of their test suite.”
Industry awareness and support of this program is growing and important. “The KMIP Conformance Testing Program, run by SNIA/SSIF, is evidence that interoperability is not simply a datasheet check–box item for solution providers of encryption and enterprise key management,” said Derek Brink, vice president and research fellow for Aberdeen Group, a Harte Hanks Company. “Serious enterprise buyers consider multi–vendor interoperability an important requirement.”1
“By introducing the KMIP Test Program for the industry, we’re helping to encourage not only the adoption of enterprise–class key management, but a means for vendors to test for conformance and provide an assurance of interoperability and a layer of trust to their customers,” said Sue Gleeson, of Oracle and SSIF Chairperson.
“Security continues to increase in priority for all data management professionals and many are or should be looking to ensure they have a trusted, conformance tested approach to Key Management,” added Bruce Backa of NTP Software, SSIF Vice–Chairman.
The KMIP Test Program offers vendors of KMIP–enabled computer technology the opportunity to test their implementation against one or more KMIP profiles with pre–defined test cases. The program provides data management, storage, and security markets with assurance that given KMIP client implementations are fully interoperable with KMIP server implementations across one or more usage profiles. Ultimately, computer solution validation establishes trust and confidence among IT buyers requiring KMIP–enabled products and solutions from an ever–increasing number of vendors providing KMIP–enabled Enterprise Key Management (EKM) servers, KMIP client appliances, and applications.
IBM’s Rick Robinson, a member of the SNIA SSIF Committee, noted, “Including IBM, SSIF has seven organizations signed up as members and nine KMIP–enabled products in the test queue. We aim to deliver the first KMIP Test Program results in Q1 2014.” Tony Cox of Cryptsoft and SSIF Treasurer observed, “With the program launch, we are actively signing on new participants as well as delivering market education for the importance of KMIP.”
KMIP interoperability demonstrations and a preview of the KMIP test suite will be presented in the OASIS Interoperability Showcase https://www.oasis-open.org/events/rsa/2014 at the RSA Conference in San Francisco, February 24–28. SNIA will be participating as part of this Showcase in the OASIS booth.
About the SNIA Storage Security Industry Forum
About the SNIA
Follow SNIA SSIF developments at:
1 Aberdeen Group Research Brief “KMIP, KMIP, Hooray!” http://www.aberdeen.com/Aberdeen-Library/8081/RB-encryption-key-management.aspx
Subscribe to our Newsletter