Chapter 8: Encryption Key ManagementKMIP-compliant Encryption Key ManagementQuantum Scalar i6000 User’s Guide 281KMIP-compliant Encryption Key ManagementThe Key Management Interoperability Protocol (KMIP®) is aspecification developed by OASIS®. Its function is to standardizecommunication between enterprise key management systems andencryption systems. With version i8.2.1, the Scalar i6000 provides aKMIP version 1.0 compliant encryption solution.KMIP is only supported in certain environments. Contact your Quantumrepresentative for details.Details about the Scalar i6000 KMIP-compliant implementation include:• As with other encryption systems supported by the library, in orderto use KMIP-compliant encryption systems with the Scalar i6000,you must have an Encryption Key Management license installed onthe library.• A minimum of two KMIP-compliant encryption servers are requiredfor failover purposes. A total of 10 KMIP-compliant encryptionservers are allowed, for increased failover capability.See Encryption Key Management Systems on page 279 for instructionson how to configure KMIP-compliant encryption systems on the library.FIPS-Certified Encryption SolutionFIPS (Federal Information Processing Standard) 140-2 is a U.S.government standard relating to computer security and encryption.The Quantum Scalar i6000 now offers a FIPS 140-2 Level 1 certifiedencryption solution composed of the Scalar Key Manager and HP LTO-5and LTO-6 Fibre Channel tape drives in a Scalar i6000 library. FIPS modecan be enabled on the HP LTO-5 and LTO-6 tape drives via the libraryuser interface. Once in FIPS mode, all encryption key communicationbetween the tape drive and the library controller is authenticated andencrypted.Details about configuring FIPS mode include:• Library firmware must be at version 630Q or later.
