Symmetric Key Management System (SKMS)

Symmetric Key Management Systems address the need to improve the way that enterprises manage symmetric keys over their lifecycle.

Many companies are newly interested in managing the symmetric keys used to encrypt sensitive data in their computing infrastructure. While asymmetric key management has seen plenty of standardisation activity for many years, symmetric keys have traditionally been managed by the applications themselves, each doing its own encryption and decryption. There is as yet no architecture or protocol that provides symmetric key management services across applications, operating systems, databases, etc.

Key management needs to be addressed by enterprises in its entirety — for both symmetric and asymmetric keys. There are many industry standards and protocols for life-cycle management of asymmetric (i.e. public/private) keys, including PKCS10, PKCS7, CRMF, and CMS.

An objective of SKMS is to establish standards that describe how applications may request similar life-cycle services for symmetric keys from a server, and how public-key cryptography may be used to provide such services.

See, in particular, the OASIS Enterprise Key Management Infrastructure (EKMI) Technical Committee.