Sun Releases Open Source Standard for Storage Encryption

Claims world's first open source generic communication protocol between a Key Manager and encrypting device

Sun Microsystems has released what it claims is the world's first generic communication protocol between a Key Manager and an encrypting device into an open source community. The protocol is implemented as a complete toolkit and is downloadable from the OpenSolaris website.

Governments, finance, healthcare, retail and other vertical markets need to comply with current regulatory laws that create mandates to protect sensitive stored data. To support these requirements, this protocol is available to customers using the Sun StorageTek KMS 2.0 Key Manager and Sun StorageTek T9840D, T10000A, T10000B Enterprise Drives, as well as Sun StorageTek HP LTO4 drives shipped in Sun libraries. A number of additional partners are developing products based on this protocol, including EMC, whose RSA security division has talked about releasing it as an option on their RKM Key Manager.

"Open Storage solutions allows customers to break free from the chains of proprietary hardware and software and this new protocol extends this lifeline into the expensive and highly fragmented encryption market," said Sun's Jason Schaffer. "Open source equals customer value for encryption solutions and Sun now offers the only solution on the market that works across multiple vendors and suppliers."

By releasing the Sun protocol as open source, Sun says it is taking a step towards unifying the technology. Sun continues to work with partners in the industry and with appropriate standards bodies such as IEEE 1619.3 Working Group and OASIS to further develop and formalize the interface as an industry standard. RSA is currently developing a solution using this protocol to work with their RKM key manager. IBM drive division is working on supporting this protocol for their IBM LTO4 drive shipped in Sun Libraries. Additionally, Sun has shared this protocol with numerous other industry partners including computer OEMs, back up application providers, disk array and switch manufacturers.

Source : http://www.ddj.com/