SOA Data Security Workshop
Enterprise Key Management Infrastructure
2008 February 21 and 22
As the internet continues to become more hostile and Information Technology infrastructure comes under contractual and government regulation (RIPA, PCI-DSS, PCSA, HIPAA, FISMA), SOA-based applications will need to address issues of data security, privacy and accessibility in better ways than traditional architectures have dealt with them.
Encryption of data is the last bastion of defense. However, as global enterprises face the daunting task of encrypting sensitive data across hundreds of thousands of laptops, PDAs, desktops, databases, servers and applications, they are required to establish an enterprise-wide key-management strategy that balances their security objectives with lower operational costs and complexity.
Enterprise Key Management Infrastructure (EKMI) is the discipline designed to deliver on that objective. EKMI addresses the complexity of managing all cryptographic keys within a single infrastructure using industry-standard protocols and guidelines. As companies start to implement EKMI, application and security architects must keep pace with industry standards. This workshop is geared to provide that information.
What the EKMI Workshop covers
1. An introduction to EKMI;
2. A detailed description of EKMI Components (Public Key Infrastructure and Symmetric Key Management System);
3. How an EKMI works;
4. A demonstration of a Symmetric Key Management System (SKMS);
5. Understanding various ways how an EKMI can be attacked;
6. Distinguishing between strong and weak controls in an EKMI;
Utimaco Safeware invites you to join the workshop!
About the Presenter
Arshad Noor is the Chief Technology Officer of StrongAuth, Inc., a Sunnyvale, California-based company that specializes in Enterprise Key Management, Identity Management and Compliance Work-flow Management.
He is the architect and lead developer of StrongKeyTM, an open-source implementation of a Symmetric Key Management System (SKMS), whose protocol is the basis for the Symmetric Key Services Markup Language (SKSML) standard being formalized by the OASIS EKMI Technical Committee; StrongAuth donated the SKSML protocol to OASIS on a royalty-free basis for the standardization effort.
Arshad is also the current Chair of the OASIS EKMI TC that currently has 28 members on its committee, including Visa, Wells Fargo, Red Hat, the US Dept. of Defense and many other companies and individuals in the security industry. He has spoken at many international conferences on EKMI, including the OASIS Adoption Forum 2007 in San Diego, ISSE/SECURE 2007 in Warsaw, Poland and the ISACA International Conference 2007 in Singapore.
Utimaco IS GmbH
The business unit Transaction Security from Utimaco Safeware AG is specialised in security solutions for e-business, e-government and e-payment, based on our own technology: Telecommunication management systems, hardware security modules, gateways for e-mail-security, authentication and digitale signatures, public key infrastructure and PKI based applications. www.utimaco.com