OASIS Interoperability Showcase @ RSA 2015

20-24 April 2015
Moscone Center
San Francisco, California


Twelve companies will demonstrate products that support the OASIS KMIP and PKCS #11 encryption and cryptography standards. Cryptosense, Cryptsoft, Feitian, Oracle, and Utimaco show how PKCS #11 is used for interacting with cryptographic tokens and hardware security modules. Cryptsoft, Dell, Fornetix, HP, IBM, P6R, Thales e-Security, and Vormetric will demonstrate key management using KMIP.

FREE expo passes for OASIS members - use the code "X5EOASIS" when registering. 

Demonstration Overviews

Key Management Interoperability Protocol (KMIP) Demonstration

The OASIS Key Management Interoperability Protocol (KMIP) specification for interoperable communication between key management clients and key management servers will be demonstrated in the OASIS Booth at this year’s RSA Conference and Exposition. Shown during this demonstration are clients from Cryptsoft, Fornetix, HP, and P6R communicating with key management servers from Cryptsoft, Dell, Fornetix, HP, IBM, Thales e-Security, and Vormetric. The clients and servers demonstrate the full key management life-cycle including creating, registering, locating, retrieving, deleting, and transferring symmetric and asymmetric keys and certificates between vendor systems. Support for KMIP 1.3, KMIP 1.2, KMIP 1.1 and KMIP 1.0 will be demonstrated.  This OASIS KMIP interoperability demonstration provides an excellent opportunity for vendors and end-users to see multiple versions KMIP in practice, demonstrating the value of KMIP as the standard for enterprise key management operations in multi-vendor environments.

PKCS #11 Demonstration

The OASIS PKCS#11 Cryptographic Token Interface (PKCS11) specification - an application programming interface (API) for cryptographic token devices - will be demonstrated in the OASIS Booth at this year’s RSA Conference and Exposition. Shown during this demonstration will be applications (clients) from Cryptosense, Cryptsoft, Feitian, Oracle and Utimaco and devices (libraries) from Cryptsoft, Feitian, Oracle and Utimaco. The demonstration will showcase vendor independent storage of cryptographic information and performance of cryptographic functions including generating, finding and using cryptographic objects including combinations of one or more symmetric keys, asymmetric keys, or certificates between vendor systems. Support for a range of versions of PKCS11 will be demonstrated. This OASIS PKCS11 interoperability demonstration provides an excellent opportunity for booth visitors to see multiple versions of PKCS11 in practice, demonstrating the value of PKCS11 as the standard for interacting with cryptographic devices in multi-vendor environments.

Demonstration Participants

You can visit these companies' web sites by clicking on their logos, or drop by the booth (#1921) at the event.

Cryptosense software helps users of cryptography detect and manage security vulnerabilities, including key-management flaws, cryptanalytic attacks, implementation errors and bad configurations. In particular, the tool treats PKCS#11 devices such as HSMs and Smartcards. As well as testing a PKCS#11 device for compliance, out tools can also simulate a given PKCS#11 implementation and evaluate compatibility. Cryptosense is based in Paris and was founded in 2013. Our clients include banks, crypto hardware manufacturers and testing labs.  For more information, visit http://cryptosense.com.

Established in 1996, Cryptsoft is an Australian security firm providing specialist products and services for software and hardware developers in the areas of security system design, deployment, validation and interoperability. Cryptsoft offers a range of software development toolkits to enable the rapid integration of enterprise key management and encryption solutions into applications and systems ranging from embedded platforms through to enterprise class appliances and servers. For more information, visit www.cryptsoft.com.

Listen. Learn. Deliver. That’s what we’re about. Dell empowers countries, communities, customers and people everywhere to use technology to realize their dreams. Customers trust us to deliver technology solutions that help them do and achieve more, whether they’re at home, work, school or anywhere in their world. Learn more about our story, purpose and people behind our customer-centric approach at www.dell.com.

FEITIAN is a public company incorporated in China and a trusted leader in the global market for contact and contactless smart cards, EMV chip cards, payment terminals, and user authentication solutions for secure online banking and transaction security.  Our end-to-end turnkey solutions include secure hardware, operating systems, middleware, software application, and services such as personalization and remote lifecycle management. Established in 1998, FEITIAN has developed as an essential component in the information architecture of private and public enterprise, government, and educational institutions throughout the world.  For more information, visit www.ftsafe.com.

Fornetix provides for the automation and optimization of encryption key management services that reduce costs, improve security, and remove operational complexities.  Our Key Orchestration™ product delivers a comprehensive capability that integrates easily with existing communications systems, network components, secure storage, and other encryption enabled technologies – giving businesses a single pane of glass to use encryption management in concert with identity. The Fornetix team has 50+ years of engineering expertise and over 10 years of high level cybersecurity professional services, communications solutions, identity solutions, information assurance, and custom key management solutions development.  Our team are contributing members of the OASIS KMIP TC and are involved in providing input to NIST standards groups. For more information, visit http://fornetix.net.

HP Atalla solutions build on 35+ years of innovation delivering advanced information protection of sensitive data. HP Atalla security solutions safeguard data throughout its entire life cycle – at rest, in motion, in use – on-premises, across cloud, and mobile environments.  HP Atalla provides continuous protection through classification, encryption and key management, while maintaining optimal performance and flexibility.  For more information, please visit www.HP.com/go/atalla.

IBM is the world's largest information technology company, with 100 years of leadership in helping businesses innovate. IBM software offers the widest range of infrastructure software for all types of computing platforms, allowing customers to take full advantage of the new era of e-business. For more information, visit www.ibm.com.

Oracle engineers hardware and software to work together in the cloud and in your data center. With more than 400,000 customers—including 100 of the Fortune 100—in more than 145 countries around the globe, Oracle is the only vendor able to offer a complete technology stack in which every layer is engineered to work together as a single system. Oracle’s industry-leading cloud-based and on-premises solutions give customers complete deployment flexibility and unmatched benefits including advanced security, high availability, scalability, energy efficiency, powerful performance, and low total cost of ownership. For more information, visit oracle.com.

P6R specializes in providing innovative multi-platform solutions to a broad range of businesses. P6R's Secure KMIP Client Toolkit provides the full KMIP 1.0, 1.1 and 1.2 standards implementations. The KMIP client's multi-layered approach allows developers to use the level of functionality that best suits their needs. As with all of P6R's products, our Secure KMIP Client Toolkit is available for Linux and Windows.  P6R's PKCS 11 Provider (version 2.40) contains both a KMIP enabled token and a software token.  P6R is a member of both the OASIS KMIP and PKCS 11 Technical committees and actively contributes to the development of the KMIP standard. For more information, visit www.p6r.com.

Thales e-Security is a leading global provider of information security, providing data encryption solutions to the financial services, manufacturing, government and technology sectors. With a 40-year unrivalled track record of protecting corporate and government information, Thales solutions protect our customers most sensitive data and is used by four of the five largest energy and aerospace companies, government networks around the world, and secures more than 80 percent of the worldwide payment transactions. Thales e-Security has offices in Japan, Hong Kong, United Kingdom and the United States and is represented in over 90 countries around the world. For more information, visit www.thalesgroup.com/en.

Utimaco is a leading manufacturer of hardware based security solutions that provide the root of trust to keep cryptographic keys safe, secure critical digital infrastructures and protect high value data assets. Only Utimaco delivers a general-purpose hardware security module (HSM) as a customizable platform to easily integrate into existing software solutions, embed business logic and build secure applications. Tens of thousands of enterprise and infrastructure companies rely on Utimaco to guard IP against internal and external threats and protect hundreds of millions of consumers globally. For more information, visit https://hsm.utimaco.com.

Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Data is the new currency and Vormetric helps over 1200 customers, including 17 of the Fortune 25 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters — their sensitive data — from both internal and external threats. The company’s scalable solution suite protects any file, any database and any application — anywhere it resides — with a high performance, market-leading data firewall that incorporates application transparent encryption, privileged user access controls, automation and security intelligence. For more information, visit www.vormetric.com.