Press Release

RSA 2010 Showcases OASIS Security Standards with IMI, KMIP, and XSPA Interoperability Demos

IBM, Microsoft, Sun Microsystems, CA, General Services Administration, HP, Jericho Systems, Novell, SafeNet, U.S. Department of Defense, U.S. Department of Veterans Affairs and Others Put Security Standards to the Test in Real-World Scenarios

San Francisco, CA, USA; 02 March 2010 — The OASIS Security Standards Showcase will feature three interoperability demonstrations as part of the RSA Conference and Expo in San Francisco this week. Solution providers, government agencies, and industry associations will come together to show interoperable support for three specifications currently being advanced within the OASIS international open standards consortium. The Identity Metasystem Interoperability (IMI) Interop will show how IMI enables the use of Information Cards to universally manage personal digital identities. A Web 2.0-friendly method for shared light authentication, Information Cards let people authenticate themselves on multiple web sites without maintaining passwords for each site. The demonstration will show relying party software implemented by CA, Microsoft, and Novel using the IMI version 1.0 protocol, in accordance with the U.S. Government Profile (GSA/ICAM). Card selector software from Microsoft and others will allow users to access a number of government sites via commercially issued identities. The Key Management Interoperability Protocol (KMIP) Interop will demonstrate how KMIP delivers a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP offers better data security while reducing expenditures on multiple products. The demonstration will show client programs implemented by HP, IBM, and SafeNet using the KMIP version 1.0 protocol to communicate securely with key management servers implemented by HP and IBM. The clients and servers will demonstrate essential use cases such as generating cryptographic keys, locating existing keys, and retrieving, registering, and deleting keys. The Cross-Enterprise Security and Privacy Authorization (XSPA) Interop will show how XSPA enables the interoperable exchange of healthcare privacy policies, consent directives, and authorizations. XSPA aligns with security specifications being developed within the U.S. Healthcare Information Technology Standards Panel (HITSP). The demonstration will feature collaboration by IBM, Sun Microsystems, Jericho Systems, Oracle, the U.S. Department of Defense, and the U.S. Veterans Health Administration. These organizations will enact the exchange of access control decision information such as requestor identity, role data, and location–information that can be used by healthcare providers to enforce permitted operations on resources and associated conditions and obligations. “Businesses are placing more emphasis on the challenge of securing information wherever it resides across their entire infrastructure,” said Derek Tumulak, Vice President, Product Management, Data Encryption and Control, SafeNet. “The OASIS team is charged with ensuring interoperability, and that the most advanced security and key management solutions are brought to market. The membership in OASIS continues to validate and strengthen SafeNet’s data protection leadership.” The OASIS Security Standards Showcase will be held in Booth # 2545 at the RSA Conference and Exposition in San Francisco’s Moscone Center. Additional information: OASIS IMI Technical Committee OASIS KMIP Technical Committee OASIS XSPA Technical Committee About OASIS: OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for security, Web services, SOA, energy, business transactions, content technologies, and other applications. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries. Press contact: Carol Geyer Senior Director of Communications and Development OASIS +1.978.667.5115 x209 (office) +1.941.284.0403 (mobile)