SNIA KMIP Test Program Announced; Meets Demand for Encryption Key Management Conformance Testing
San Francisco, CA (February 24, 2014) — The Storage Security Industry Forum (SSIF), a special interest community within the Storage Networking Industry Association (SNIA), today announced the official launch of the Key Management Interoperability Protocol (KMIP) Test Program. The KMIP Test Program and its test suites and protocols provide for conformance testing based on KMIP usage profiles and interoperable, secure solutions. The KMIP Specification is defined by OASIS (The Organization for the Advancement of Structured Information Standards) and test profiles are established by its KMIP Technical Committee.
“SNIA is delighted to collaborate with OASIS on this important industry activity,” commented David Dale, SNIA’s Chairman of the Board. “SNIA has a strong history of conformance testing. At our Technology Center in Colorado Springs we have the experienced resources, practiced processes, and secure physical testing environment to support conformance test programs. For the KMIP program we added a relationship with Cryptsoft for the use of their test suite.”
Industry awareness and support of this program is growing and important. “The KMIP Conformance Testing Program, run by SNIA/SSIF, is evidence that interoperability is not simply a datasheet check–box item for solution providers of encryption and enterprise key management,” said Derek Brink, vice president and research fellow for Aberdeen Group, a Harte Hanks Company. “Serious enterprise buyers consider multi–vendor interoperability an important requirement.”1
“By introducing the KMIP Test Program for the industry, we’re helping to encourage not only the adoption of enterprise–class key management, but a means for vendors to test for conformance and provide an assurance of interoperability and a layer of trust to their customers,” said Sue Gleeson, of Oracle and SSIF Chairperson.
“Security continues to increase in priority for all data management professionals and many are or should be looking to ensure they have a trusted, conformance tested approach to Key Management,” added Bruce Backa of NTP Software, SSIF Vice–Chairman.
The KMIP Test Program offers vendors of KMIP–enabled computer technology the opportunity to test their implementation against one or more KMIP profiles with pre–defined test cases. The program provides data management, storage, and security markets with assurance that given KMIP client implementations are fully interoperable with KMIP server implementations across one or more usage profiles. Ultimately, computer solution validation establishes trust and confidence among IT buyers requiring KMIP–enabled products and solutions from an ever–increasing number of vendors providing KMIP–enabled Enterprise Key Management (EKM) servers, KMIP client appliances, and applications.
IBM’s Rick Robinson, a member of the SNIA SSIF Committee, noted, “Including IBM, SSIF has seven organizations signed up as members and nine KMIP–enabled products in the test queue. We aim to deliver the first KMIP Test Program results in Q1 2014.” Tony Cox of Cryptsoft and SSIF Treasurer observed, “With the program launch, we are actively signing on new participants as well as delivering market education for the importance of KMIP.”
KMIP interoperability demonstrations and a preview of the KMIP test suite will be presented in the OASIS Interoperability Showcase https://www.oasis-open.org/events/rsa/2014 at the RSA Conference in San Francisco, February 24–28. SNIA will be participating as part of this Showcase in the OASIS booth.
About the SNIA Storage Security Industry Forum
The SNIA Storage Security Industry Forum (SSIF) – where security and storage meet – is the only industry group that focuses exclusively on the complete life cycle of data security from its creation and storage to end of life and destruction. The SSIF is a consortium of storage professionals, security professionals, security practitioners, and academics providing data and information security expertise. The SSIF contributes to a better understanding of information assurance and how it applies in IT operations, influencing the design, use, and management of storage technology to better protect and secure information. The seven Voting Members of SNIA’s SSIF are: Cryptsoft, HP, IBM, NetApp, NTP Software, Oracle, and SafeNet. SNIA recognizes the OASIS KMIP specification. Find details on KMIP at https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=kmip. For more information on SSIF and to join, visit www.snia.org/ssif.
About the SNIA
The Storage Networking Industry Association (SNIA) is a not–for–profit global organization, made up of some 400 member companies spanning virtually the entire storage industry. SNIA’s mission is to lead the storage industry worldwide in developing and promoting standards, technologies, and educational services to empower organizations in the management of information. To this end, the SNIA is uniquely committed to delivering standards, education, and services that will propel open storage networking solutions into the broader market. For additional information, visit the SNIA web site at http://www.snia.org.
Follow SNIA SSIF developments at:
- Linkedin: http://www.linkedin.com/company/snia
- Facebook: www.facebook.org/snia.org
- Web: www.snia.org/forums/ssif
- Twitter: @SNIAsecurity
1 Aberdeen Group Research Brief “KMIP, KMIP, Hooray!” http://www.aberdeen.com/Aberdeen-Library/8081/RB-encryption-key-management.aspx