Liaison Adopts KMIP with Encryption Key Manager

March 19, 2013 Alex Woodie

Liaison Technologies last week unveiled a new version of Key Manager, its encryption key management solution that’s part of its overall Liaison Protect suite. Key Manager 3.0 delivers support for key management interoperability protocol (KMIP), an emerging standard that helps ensure the proper functioning of encryption keys in multi-vendor environments.

Liaison Protect Key Manager is an encryption key management product designed to automate the tasks involved with creating, using, maintaining, and retiring encryption keys. The software is a part of Liaison’s over-arching data security suite, called Liaison Protect, which also includes a data encryption solution and a tokenization solution, both of which work with IBM i and other server OSes.

With Key Manager version 3.0, Liaison has overhauled the product in more ways than one. One of the most important new functions is the capability to utilize KMIP, the OASIS standard that describes how encryption key management and generation programs interact with the encryption routines that consume encryption keys in business systems.

Before KMIP, there was no standard for the various vendors who incorporate encryption routines into their software, or the vendors of key management products, like Liaison. Once users adopted a particular vendor’s encryption solution, they were basically locked into using that vendor’s key management solution, too, since there was no guarantee that other vendors’ management tools would work correctly.

Support for KMIP Web services in Key Manager 3.0 gives Liaison’s customers the capability to use Key Manager to manage encryption keys with any encryption end-point that also adheres to that standard. KMIP Web services are implemented using the Apache CXF security model.

“Our decision to adopt OASIS KMIP for Key Manager demonstrates Liaison’s commitment to providing the most flexible, scalable, and agnostic key management solution based on the latest industry standards,” states Robert Fox, Liaison’s senior director of software development in a press release.

Key Manager 3.0 brings a new Web 2.0-style management interface.

nuBridges, which Liaison bought in 2011, unveiled KMIP support back in 2010 with the launch of Protect Token Manager release 1.3. That product no longer exists in Liaison’s product suite, and its functionality has been absorbed into the overall Liaison Protect suite, which delivers capabilities in three areas: encryption, tokenization, and key management.

KMIP will become a big selling point in the future, but maybe not for a while–at least until there’s a critical mass of KMIP-supported products in use. In the meantime, existing customers may appreciate some of the other features in version 3.0 that reduce regulatory risk.

This includes the new quorum-based administration component, which implements better segregation of duties among administrators and satisfies PCI requirements. Liaison also updated the product’s key lifecycle management functions to adhere to NIST standards.

Worries about losing keys due to a disaster will be lessened thanks to new backup and restore functionality that Liaison built into the product. All key material is now protected by a master key. This release also introduces new types of authentication, including proprietary two-factor authentication and “hybrid” user authentication.

Liaison has delivered a new Web-based user interface with version 3.0 that can be used for a range of management tasks, including configuring SSL, LDAP, database connections, and SMTP.

Key Manager 3.0 is available now. The product runs on Windows Server and Linux operating systems, and requires a SQL Server or Oracle database. For more info, see www.liaison.com.