Industry vendors, led by IBM, Hewlett-Packard and EMC, are proposing a new standard to make their encryption management software work together.
Called the Key Management Interoperability Protocol (KMIP), the standard is being proposed through OASIS (Organisation for the Advancement of Structured Information Standards), the consortium best known for its development of Web-services standards.
OASIS created a KMIP Technology Committee to produce the final specification for the standard. The committee will meet for the first time on 24 April, but KMIP has been quietly under development for more than a year. It is also supported by Brocade, LSI, Seagate and Thales.
Backers see it as one way to replace the hodgepodge of different encryption-key management products out there.
Today, IT staff must use different key management systems to control who gets access to different parts of the network. One system might be used for e-mail encryption, a second for storage and a third for the database.
"The scope of the standard is very broad," said Mark Schiller, a director with HP's Security Office. "It will work for just about any type of device you can imagine."
KMIP's backers say their standard will be "complementary" to existing key management standards such as the storage-focused IEEE 1619.3 and the OASIS EKMI XML standard.