diff --git a/Makefile.am b/Makefile.am
index 39a0e7e..94a9fbf 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -104,11 +104,9 @@
   src/security/certificate/certificate.cpp \
   src/security/certificate/identity-certificate.cpp \
   src/security/certificate/public-key.cpp \
-  src/security/identity/basic-identity-storage.cpp \
-  src/security/identity/identity-storage.cpp \
-  src/security/identity/memory-identity-storage.cpp \
-  src/security/identity/memory-private-key-storage.cpp \
-  src/security/key-chain.cpp \
+  src/security/identity/sec-public-info-sqlite3.cpp \
+  src/security/identity/sec-public-info-memory.cpp \
+  src/security/identity/sec-tpm-memory.cpp \
   src/security/verifier.cpp \
   src/security/policy/no-verify-policy-manager.cpp \
   src/security/policy/self-verify-policy-manager.cpp \
@@ -126,9 +124,9 @@
   src/util/time.hpp
 
 if HAVE_OSX_SECURITY
-  libndn_cpp_la_SOURCES += src/security/identity/osx-private-key-storage.cpp
+  libndn_cpp_la_SOURCES += src/security/identity/sec-tpm-osx.cpp
 else
-  EXTRA_DIST = src/security/identity/osx-private-key-storage.cpp
+  EXTRA_DIST = src/security/identity/sec-tpm-osx.cpp
 endif
 
 libndn_cpp_la_LIBADD  = @OPENSSL_LIBS@     @CRYPTOPP_LIBS@     @OSX_SECURITY_LIBS@  @BOOST_SYSTEM_LIB@
diff --git a/examples/producer.cpp b/examples/producer.cpp
index d7d1048..de76bab 100644
--- a/examples/producer.cpp
+++ b/examples/producer.cpp
@@ -8,8 +8,6 @@
 #include <ndn-cpp/face.hpp>
 
 #include <ndn-cpp/security/key-chain.hpp>
-#include <ndn-cpp/security/identity/memory-identity-storage.hpp>
-#include <ndn-cpp/security/identity/memory-private-key-storage.hpp>
 
 #if NDN_CPP_HAVE_CXX11
 // In the std library, the placeholders are in a different namespace than boost.
@@ -71,20 +69,18 @@
   // CREATE TEST KEYCHAIN (THIS CODE IS ONLY FOR DEBUGGING, NOT TO BE USED IN REAL APPS //
   ////////////////////////////////////////////////////////////////////////////////////////
   Producer()
-    : info_(new MemoryIdentityStorage())
-    , tpm_(new MemoryPrivateKeyStorage())
-    , keyChain_(info_, tpm_)
+    : keyChain_()
   {
     Name keyName("/testname/dsk-123");
     
-    info_->addKey(keyName, KEY_TYPE_RSA,
-                  PublicKey(DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER)));
+    keyChain_.addPublicKey(keyName, KEY_TYPE_RSA,
+                            PublicKey(DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER)));
 
-    tpm_->setKeyPairForKeyName(keyName,
+    keyChain_.setKeyPairForKeyName(keyName,
                                DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER),
                                DEFAULT_PRIVATE_KEY_DER, sizeof(DEFAULT_PRIVATE_KEY_DER));
 
-    keyChain_.addCertificateAsDefault(*keyChain_.selfSign(keyName));
+    keyChain_.addCertificateAsKeyDefault(*keyChain_.selfSign(keyName));
   }
   ////////////////////////////////////////////////////////////////////////////////////////
   ////////////////////////////////////////////////////////////////////////////////////////
@@ -125,9 +121,7 @@
 private:
   ndn::Face face_;
 
-  ptr_lib::shared_ptr<MemoryIdentityStorage> info_;
-  ptr_lib::shared_ptr<MemoryPrivateKeyStorage> tpm_;
-  KeyChain keyChain_;
+  KeyChainImpl<SecPublicInfoMemory, SecTpmMemory> keyChain_;
 
   Buffer ndndId_;
 };
diff --git a/tests/test-encode-decode-benchmark.cpp b/tests/test-encode-decode-benchmark.cpp
index b4e227f..57b888a 100644
--- a/tests/test-encode-decode-benchmark.cpp
+++ b/tests/test-encode-decode-benchmark.cpp
@@ -12,9 +12,7 @@
 #include <stdexcept>
 #include <ndn-cpp/data.hpp>
 #include <ndn-cpp/security/key-chain.hpp>
-#include <ndn-cpp/security/identity/memory-identity-storage.hpp>
-#include <ndn-cpp/security/identity/memory-private-key-storage.hpp>
-#include <ndn-cpp/security/policy/self-verify-policy-manager.hpp>
+// #include <ndn-cpp/security/policy/self-verify-policy-manager.hpp>
 
 // Hack: Hook directly into non-API functions.
 #include "../src/c/encoding/binary-xml-decoder.h"
@@ -139,21 +137,19 @@
   std::cout << "Content size: " << content.value_size() << std::endl;
   
   // Initialize the KeyChain storage in case useCrypto is true.
-  ptr_lib::shared_ptr<MemoryIdentityStorage> identityStorage(new MemoryIdentityStorage());
-  ptr_lib::shared_ptr<MemoryPrivateKeyStorage> privateKeyStorage(new MemoryPrivateKeyStorage());
-  KeyChain keyChain(identityStorage, privateKeyStorage);
+  KeyChainImpl<SecPublicInfoMemory, SecTpmMemory> keyChain;
 
   Name keyName("/testname/dsk-123");
 
   // Initialize the storage.
-  identityStorage->addKey(keyName, KEY_TYPE_RSA,
-                          PublicKey(DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER)));
+  keyChain.addPublicKey(keyName, KEY_TYPE_RSA,
+                        PublicKey(DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER)));
 
-  privateKeyStorage->setKeyPairForKeyName(keyName,
-                                          DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER),
-                                          DEFAULT_PRIVATE_KEY_DER, sizeof(DEFAULT_PRIVATE_KEY_DER));
+  keyChain.setKeyPairForKeyName(keyName,
+                                DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER),
+                                DEFAULT_PRIVATE_KEY_DER, sizeof(DEFAULT_PRIVATE_KEY_DER));
 
-  keyChain.addCertificateAsDefault(*keyChain.selfSign(keyName));
+  keyChain.addCertificateAsKeyDefault(*keyChain.selfSign(keyName));
   Name certificateName = keyChain.getDefaultCertificateName();
   
   // Set up publisherPublicKeyDigest and signatureBits in case useCrypto is false.
diff --git a/tests/test-publish-async.cpp b/tests/test-publish-async.cpp
index a57a857..839bd06 100644
--- a/tests/test-publish-async.cpp
+++ b/tests/test-publish-async.cpp
@@ -10,8 +10,6 @@
 #include <time.h>
 #include <unistd.h>
 #include <ndn-cpp/face.hpp>
-#include <ndn-cpp/security/identity/memory-identity-storage.hpp>
-#include <ndn-cpp/security/identity/memory-private-key-storage.hpp>
 #include <ndn-cpp/security/key-chain.hpp>
 
 using namespace std;
@@ -65,7 +63,7 @@
 
 class Echo {
 public:
-  Echo(KeyChain &keyChain, Face &face)
+  Echo(KeyChainImpl<SecPublicInfoMemory, SecTpmMemory> &keyChain, Face &face)
     : keyChain_(keyChain)
     , face_(face)
     , responseCount_(0)
@@ -102,7 +100,7 @@
     cout << "Register failed for prefix " << prefix->toUri() << endl;
   }
 
-  KeyChain &keyChain_;
+  KeyChainImpl<SecPublicInfoMemory, SecTpmMemory> &keyChain_;
   Face &face_;
   int responseCount_;
 };
@@ -112,21 +110,19 @@
   try {
     Face face;
         
-    ptr_lib::shared_ptr<MemoryIdentityStorage> identityStorage(new MemoryIdentityStorage());
-    ptr_lib::shared_ptr<MemoryPrivateKeyStorage> privateKeyStorage(new MemoryPrivateKeyStorage());
-    KeyChain keyChain(identityStorage, privateKeyStorage);
+    KeyChainImpl<SecPublicInfoMemory, SecTpmMemory> keyChain;
 
     Name keyName("/testname/dsk-123");
 
     // Initialize the storage.
-    identityStorage->addKey(keyName, KEY_TYPE_RSA,
-                            PublicKey(DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER)));
+    keyChain.addPublicKey(keyName, KEY_TYPE_RSA,
+				  PublicKey(DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER)));
 
-    privateKeyStorage->setKeyPairForKeyName(keyName,
+    keyChain.setKeyPairForKeyName(keyName,
                                             DEFAULT_PUBLIC_KEY_DER, sizeof(DEFAULT_PUBLIC_KEY_DER),
                                             DEFAULT_PRIVATE_KEY_DER, sizeof(DEFAULT_PRIVATE_KEY_DER));
 
-    keyChain.addCertificateAsDefault(*keyChain.selfSign(keyName));
+    keyChain.addCertificateAsKeyDefault(*keyChain.selfSign(keyName));
     
    
     Echo echo(keyChain, face);