3 KMIP-based key server integration

The HP StoreEver 1/8 G2 Tape Autoloader and tape libraries support integration with encryption key management servers using the Key Management Interoperability Protocol (KMIP) standard. KMIP is an industry standard protocol for communications between a key management server and an encryption system. The KMIP specification is developed by the KMIP technical committee of the OASIS standards body (Organization for the Advancement of Structured Information Standards).

The KMIP feature allows the tape device to obtain encryption keys from selected KMIP-compliant key managers. These keys can be used to encrypt data as it is written to tape. Up to six key servers can be configured for failover purposes.

ESKM 4.0 and later versions can be accessed through the KMIP protocol. The same ESKM server can serve keys through both the native ESKM and KMIP protocols at the same time.

To use the KMIP feature, the autoloader or library must have access to a KMIP key manager. HP only supports KMIP when used with a supported key manager, listed in the EBS Matrix, located at http://www.hp.com/go/ebs. For additional information on configuring KMIP servers for use with the autoloader and libraries, see the KMIP server documentation.

Creating the client user name and password on the server

NOTE: These instructions are for the SafeNet KMIP server. If you are using ESKM 4.0 or later with the KMIP protocol, follow the instructions in the HP Enterprise Secure Key Manager User Guide to create a client account for the library. If you are using a different server, consult your server documentation for instructions.

1. Log in to the SafeNet KMIP server and select the Security tab.

2. In the Users & Groups panel, select Local Users & Groups.

3. Click Add.

4. Enter the user name and password, set the User Administration Permission and Change Password Permission settings, and then click Save.
