OASIS Security Standards Showcase at RSA Conference & Exposition 2013

...FEATURING XACML & KMIP


25 February-1 March 2013
Moscone Center
San Francisco, California

VISIT BOOTH:  3012

Fourteen companies will demonstrate products that support the OASIS Access Control & Key Management Standards. Axiomatics, Boeing, Dell, Forgerock, NextLabs, Oracle, and ViewDS show how XACML 3.0 is used for representing authorization and entitlement policies. Cryptsoft, HP, IBM, QuintessenceLabs, Thales e-Security, Townsend Security, and Vormetric will demonstrate end-to-end encryption using KMIP.

FREE expo passes for OASIS members - use the code "FXE13OAS" when registering to receive the FREE pass. The deadline to redeem is 22 February.

Demo Overviews


Key Management Interoperability Protocol (KMIP) Demonstration

The OASIS Key Management Interoperability Protocol (KMIP) specification for interoperable communication between key management clients and key management servers will be demonstrated in the OASIS Booth at this year’s RSA Conference and Exposition. Shown during this demonstration are clients from Cryptsoft, IBM, Quintessence Labs, and Thales e-Security communicating with key management servers from Cryptsoft, HP, IBM, Quintessence Labs, Thales e-Security, Townsend Security and Vormetric. The clients and servers demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between vendor systems. Support for KMIP 1.2 (committee proposals), KMIP 1.1 (candidate specification) and KMIP 1.0 (specification) will be demonstrated.  This OASIS KMIP interoperability demonstration provides an excellent opportunity for vendors and end-users to see multiple versions KMIP in practice, demonstrating the value of KMIP as the standard for enterprise key management operations in multi-vendor environments.

eXtensible Access Control Markup Language (XACML) Demonstration

OASIS will host an XACML Standards Showcase on the exhibit floor of this year's RSA Exposition, held in conjunction with the annual RSA conference. XACML, an extremely flexible language for expressing access control, is particularly designed to support large-scale environments where resources are distributed and policy administration is federated. Members of OASIS will be onhand to showcase the features of the XACML Intellectual Property Control, Export Control-US, JSON and REST Profiles. These profiles enable organizations to control the usage and distribution of data according to resource properties such as Copyright, Trademark, Proprietary, Export Control Classifications, and licensing authorities, while using the latest communication protocols across various platforms and applications. During the showcase, resource attributes will be obtained directly from metadata in the data objects themselves and will travel with the data objects.

Demo Participants


You can visit these companies' web sites by clicking on their logos, or drop by the booth (#3012) at the event.



Axiomatics is the leading provider of externalized and attribute-based authorization (ABAC) solutions that implement the XACML standard. The company has a global customer base within healthcare, finance, manufacturing and the public sector, among others. The Axiomatics Policy Server protects systems against unauthorized use while enabling proper sharing of critical business information within and across enterprise borders. Axiomatics actively contributes to the development of the XACML standard and has editorial responsibilities within the OASIS Technical Committee.

Boeing is the world's largest aerospace company and leading manufacturer of commercial and military aircraft, satellites, weapons, electronic and defense systems, launch systems, advanced information and communication systems, and performance-based logistics and training. With corporate offices in Chicago, Boeing employs more than 170,000 people across the United States and in 70 countries.  Boeing has a long tradition of aerospace leadership and innovation. The company continues to expand its product line and services to meet emerging customer needs. Its broad range of capabilities includes creating new, more efficient members of its commercial airplane family; integrating military platforms, defense systems and the warfighter through network-enabled solutions; creating advanced technology solutions; and arranging innovative customer-financing options.



Established in 1996, Cryptsoft is an Australian security firm providing specialist products and services for software and hardware developers in the areas of security system design, deployment, validation and interoperability. For more information see www.cryptsoft.com.

Quest One Identity Solutions offer a real-world approach to IAM – business focused, integrated with current investments, deployed quickly for fast ROI and flexible enough to meet future security and compliance needs. Dell Inc. (NASDAQ: DELL) listens to customers and delivers worldwide innovative technology, business solutions and services they trust and value. For more information, visit dell.com.




ForgeRock is revolutionizing identity - with more than 300,000 downloads in 135 countries in just two years, we built the only unified, open source Identity stack, purpose-built for legacy, enterprise, and next gen mobile and social app development at internet scale - with guaranteed unlimited support and new releases every six months.  The Open Identity Stack includes OpenAM for access management, OpenDJ for directory services, and OpenIDM for user administration and provisioning. Our 100% Java architecture is designed from the ground up as a unified, modular system accessible through REST APIs, making it easier to implement and manage your deployment.


The world's largest technology company, HP brings together a portfolio that spans printing, personal computing, software, services and IT infrastructure at the convergence of the cloud and connectivity, creating seamless, secure, context-aware experiences for a connected world.




IBM is the world's largest information technology company, with 100 years of leadership in helping businesses innovate. IBM software offers the widest range of infrastructure software for all types of computing platforms, allowing customers to take full advantage of the new era of e-business.




NextLabs®, Inc. is the leading provider of policy-driven Information Risk Management software for large enterprises. Our software offers a cohesive solution for improving compliance and mitigating information risk by helping companies achieve safer and more secure internal and external collaboration, prevent data loss, and ensure proper authorization to applications and data. NextLabs' flagship entitlement management, collaborative rights management and data protection products, combine with Control Center, our XACML-based policy management platform with integrated content aware and identity-driven enforcement technology, to offer the most comprehensive information risk management (IRM) solution in the market. Our products protect data and ensure compliance across more channels and more end points within a single unified solution, providing unmatched user acceptance and Total Cost of Ownership (TCO).


QuintessenceLabs develops enterprise security products that enable information to remain secure in spite of network attack and system compromises. Recognising that vulnerabilities will always exist, and that breaches will always occur, QuintessenceLabs has approached the data protection problem by developing technology and infrastructure components that protect the data itself. This second layer of defence enforces centralized enterprise security policy consistently across data whether at rest, in use, or in transit.



Oracle is the world's most complete, open, and integrated business software and hardware systems company. With more than 380,000 customers—including 100 of the Fortune 100—and with deployments across a wide variety of industries in more than 145 countries around the globe, Oracle offers an optimized and fully integrated stack of business hardware and software systems that helps organizations overcome complexity and ignite innovation. Oracle engineers hardware and software to work together in the cloud and in your data center–from servers and storage, to database and middleware, through applications. Oracle Identity Management is the industry’s best-in-class suite of Identity Management products. Oracle Identity Management solutions such as Oracle Entitlements server enable customers to address compliance requirements and decrease security threats across diverse IT environments.


Thales e-Security is a leading global provider of information security, providing data encryption solutions to the financial services, manufacturing, government and technology sectors. With a 40-year unrivalled track record of protecting corporate and government information, Thales solutions protect our customers most sensitive data and is used by four of the five largest energy and aerospace companies, government networks around the world, and secures more than 80 percent of the worldwide payment transactions. Thales e-Security has offices in Japan, Hong Kong, United Kingdom and the United States and is represented in over 90 countries around the world.


Townsend Security builds data privacy solutions to help companies meet evolving PCI DSS, HIPAA/HITECH, FISMA, GLBA/FFIEC, DIACAP, SOX, and other regulatory compliance requirements. Over 2,000 companies worldwide trust Townsend Security for their NIST and FIPS 140-2 certified encryption, key management, tokenization, and logging solutions to protect their sensitive data from loss, theft and abuse.



ViewDS Identity Solutions offers a suite of Identity and Access Management solutions designed for directory and discovery search, Identity Management, Authorization Services and Meta Data Integration. Our suite provides organizations with a fast, scalable and flexible identity management infrastructure that is optimized to support very high speed searches on hierarchically structured data as well as providing Attribute Based Access control, Role Based Access Control and fine grained authorization services. Our unrivalled searching functionality and customizable web interfaces are just some of the key reasons why we continue  to acquire customers across different industries including; government, defence, health and enterprises worldwide.



Vormetric is the leader in enterprise data protection for physical, virtual and cloud environments. The Vormetric Data Security product line provides a single, manageable and scalable solution to manage any key and encrypt any file, any database, any application, anywhere it resides— without sacrificing application performance and avoiding key management complexity. Some of the largest and most security conscious organizations and government agencies in the world, including 16 of the Fortune 25, have standardized on Vormetric to provide strong, easily manageable data security.