Information Systems Security Program

Abstract

Information Assurance Development supports the implementation of the National Security Agency (NSA) developed Communications Security (COMSEC) technologies into the Army by providing COMSEC system capabilities through encryption, trusted software or standard operating procedures, and integrating these mechanisms into specific systems in support of securing the National Network Enterprise in as transparent a manner as possible. This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates Information Assurance (IA)/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance and the Army Modernization and Strategy Plan. Information Assurance Development funding supports the technical assessment and specifications documentation of cryptographic, key management and IA capabilities in coordination with the NSA, the Defense Information Systems Agency (DISA), and Joint Services, to secure National Security Systems (NSS) and National Security Information (NSI). Technical evaluations assess the security, operational effectiveness and network interoperability of advanced concept technologies to develop policies, standards, and fundamental building blocks for Army COMSEC capabilities. Develop and publish the Cryptographic Modernization strategy to identify, standardize, and govern the insertion of IA capabilities to bridge operational gaps and support the DoD and NSA mandated requirements to enhance network capacity while providing for secure information exchange of voice, video, and data in accordance with the Army Network Campaign Plan. This will be accomplished by interoperability, standards testing, and IA System of System Network Vulnerability Assessments (IA SoS NVA) of Army Capability Sets for IA/COMSEC capabilities that provide protections for fixed infrastructure post, camp and station networks. The Defensive Cyberspace Operations (DCO) program provides initial capabilities that enable passive and active cyberspace defense operations to preserve friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems. Big Data Pilot provides an advanced analytics capability capable of ingesting structured, semi-structured, and unstructured data from multiple data sources (e.g., Joint Regional Security Stacks (JRSS), intrusion detection systems, intrusion prevention systems, network device log files, trouble tickets, firewalls, proxies, web and applications server log files, etc) and proves situational awareness of cyberspace battlefield. It provides the computer network defense provider with common analytic platform which informs and reduces risk associated with future material solutions and forms a blueprint for future Big Data Analytics. Big Data (analysis-of-all DoD Information Network sensor data) provides two optimized and accredited clusters deployed in support of JRSS and Defense Research and Engineering Network (DREN) with a tools suite accessible to Cyber Mission Forces via secure remote access. The Army's DCO activities are a construct of active cyberspace defenses which provide synchronized, real-time capability to discover, detect, analyze, and mitigate threats to and vulnerability of DoD networks and systems. The Army Key Management System (AKMS) is the Army's implementation of the NSA Electronic Key Management System (EKMS) program automating the functions of COMSEC electronic key management, control, planning, and distribution. Supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The NSA EKMS program is being replaced by the NSA Key Management Infrastructure (KMI) Program. The AKMS System of Systems (SoS) systems components are the Local COMSEC Management Software (LCMS), Automated Communications Engineering Software (ACES) and Simple Key Loader (SKL). The transition of the legacy EKMS LCMS to the modern KMI Management Client Nodes (MGC)s began in FY12 and must be completed by the LCMS sunset date of December 2017. AKMS supports the transition to AKMI. The Army Key Management Infrastructure (AKMI) is the Army's implementation of the NSA KMI ACAT IAM Program. KMI further automates the functions of COMSEC electronic key management, control, planning and distribution. AKMI supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army C4I systems. KMI provides an integrated, operational environment that brings essential key management functions in-band. AKMI supports Department of Defense (DoD) Global Information Grid (GIG) Net Centric and Crypto Modernization Initiatives and supports emerging key management requirements. AKMI achieves an Over the Network Keying (OTNK) solution to support emerging cryptographically modernized systems. Some components of the AKMS SoS will be replaced under AKMI while others will be modified or adapted to meet the new KMI requirements. The AKMI SoS includes the MGC Nodes, ACES and the NGLD Family. The Crypto Modernization program supports using NSA developed COMSEC technologies within the Army providing encryption, trusted software, or standard operating procedures, and integrating these mechanisms into specified systems in support of securing the National Network Enterprise in as transparent a manner as possible. The Cryptographic Modernization Initiative (CMI) is designed to investigate Courses Of Action (COAs), conduct a Material Solution Analysis (MSA), and execute upgrade activities to ensure all enduring Army communications and data equipment that employs embedded cryptographic hardware will be able to accept and utilize modern cryptographic key.

Open PDF

Document Details

Document Type
R2 Budgetary Justification
Publication Date
Oct 01, 2016
Source ID
0303140A_7_2040_PB_2016
Change Summary Explanation
Service Agency Name
Army

Entities

Organizations

  • United States Army

Tags

Communities of Interest

  • Cyber
  • Human Systems

DTIC Thesaurus Topics

  • Big Data
  • Computer Network Security
  • Computer Networks
  • Computers
  • Cost Analysis
  • Cyberspace Operations
  • Data Analysis
  • Department Of Defense
  • Engineering
  • Information Assurance
  • Information Systems
  • Management Personnel
  • National Security
  • Security
  • Standards
  • System Of Systems
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber
  • Fully Networked C3
  • Fully Networked C3 - Command and Control
  • Microelectronics

Related Documents