Sign up for the 2011 Key Management Summit
The 2011 Key Management Summit is almost here. This year it's being held in Pacific Grove, California, right down the street from the Monterey Bay Aquarium, the Pebble Beach golf course and 17-mile Drive. Previous events were sponsored by the IEEE and were collocated with the IEEE MSST conference. But because key management has moved away from its roots in storage, this year's event isn't being held with MSST. It's not even an IEEE event this year. That means that the IEEE won't cover any losses that the event might suffer, so key management vendors Voltage, Thales and SafeNet volunteered to handle that responsibility. It's still an industry event, just one that vendors are picking up the tab for this time.
But there are more reasons to go to this event besides a nice location. It's a great chance to learn about key management from people working in academia, the government and industry. Each of these types of participants usually have very different points of view, and you can learn lots of interesting things from each of them.
The academic point of view might not be very helpful for solving today's key management problems, but it will probably a good indication of what's coming in five to 10 years.
The government speakers probably have some interesting things to say also. Some of the biggest key management systems in the world are run and used by government agencies, and the people behind these projects often have lots of interesting insights that are hard to find elsewhere.
And when it comes to knowing who's actually buying what, there's no better of point of view than that of the vendors who are making and selling key management solutions today.
From the most recent program for this event, it certainly looks like there are couple of excellent opportunities to hear things that will be of interest to anyone working in the information security field. These two talks look particularly interesting:
Dorothy Denning, Naval Postgraduate School, "The History of Key Management"
Dan Boneh, Stanford University, "Social Keys: New Directions in Public Key Management"
Back in the dot-com era, Dorothy Denning was one of the most vocal supporters of the Clinton administration's key escrow plans, which would have required all users of strong cryptography to use a version of the technology that the government could get the keys for and decrypt. With a court order, of course. She's seems to have changed her mind in the past 10 years or so, but it will still be interesting to hear her description of what really happened in the political battles over key escrow.
Dan Boneh is probably very well known to people in touch with the academic cryptography research community, although he might be less well known by people in the business world. In addition to being the inventor of the first practical and secure identity-based encryption scheme, he won the 2005 RSA Award for the field of mathematics for his work in public-key cryptography. He's one of the world's leading researchers in the field and can definitely give you a good idea of where academic research in data security is headed.
But it's not just academics that will be at this year's event. Here's a list of the other talks that are confirmed as of today:
Tony Steiber, Wells Fargo, "Crisis and Opportunity of Cryptographic Key Management"
Chris Kostick, Ernst & Young, "Auditing an Enterprise Key Management Project"
Elaine Barker, NIST, "Key Management Framework"
Ramon Krikken, Burton Group, "So we're managing a bunch of keys… now what?"
Bob Griffin, RSA, "The OASIS KMIP Standard: Interoperability for the Cryptographic Ecosystem"
Rami Shalom, SafeNet, "Universal Key Management in an Age of Encryption Fragmentation"
Bob Griffin, RSA, "Where Are My Keys?"
Jon Geater, Thales, "Key Management Control Strategies in the Cloud Information System"
Boris Schumperli, Cryptomathic, "A New Approach to Key Management in the Cloud"
A panel discussion on cloud key management, led by Ramon Krikken, Burton Group.
And even though it's not an official part of the event, the best part might actually be what you learn from talking to people working in the field over lunch or dinner. That's when you'll often learn all sort of things that you wouldn't hear in a more formal setting. Past events have also had very interesting discussions between the major key management vendors about which of their products were selling and which ones weren't. And at one past event, one leading key management vendor even learned from one of their biggest customers that they weren't happy with certain features of the vendor's products. The sort of stuff that you want to hear but that's hard to learn in other ways. For only $325, that's a pretty good deal.
But it's even better than it already sounds. (Try to imagine that being said by either Billy Mayes or Anthony Sullivan, the famous infomercial pitchmen.)
That $325 even includes a room at the Asilomar Conference Grounds and your meals while you’re at the meeting. I’m not part of the program committee for this year’s event because people didn’t want to see too much participation from a single vendor so I haven’t see the budget for this event, but I’m very surprised that they were able to do this for only $325. In many cases, just the cost of the meeting rooms and insurance that hotels make you get for events like this can put a floor of around $200 to $250 on what you can charge to break even, so the fact that they were able to get the meeting facilities plus a room and meals for only $325 is quite impressive.
And although the web page for the KMS doesn’t mention it, I’ve been told that attendees will also get a KMS 2011 t-shirt.
So there will be lots of interesting discussions and a cost that’s probably well below what you’d expect. Milton Friedman would probably suggest that you take this opportunity to buy something at a low price instead of selling something at a low price, and you can do that by signing up for this event here.