Information Systems Security Program

Abstract

Information Assurance Development supports the implementation of the National Security Agency (NSA) developed Communications Security (COMSEC) technologies into the Army by providing COMSEC system capabilities through encryption, trusted software or standard operating procedures, and integrating these mechanisms into specific systems in support of securing the National Network Enterprise in as transparent a manner as possible. This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates Information Assurance (IA)/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance and the Army Modernization and Strategy Plan. Information Assurance Development funding Implements and establishes functional and technical boundaries of cryptographic, key management and IA capabilities In Coordination with (ICW) the National Security Agency (NSA), the Defense Information Systems Agency (DISA), and Joint Services, to secure National Security Systems (NSS), and National Security Information (NSI). Technical evaluations assess the security, operational effectiveness and network interoperability of advanced concept technologies to develop policies, standards, and fundamental building blocks for Army COMSEC capabilities that reduce the risk of future materiel solutions that could underperform and disrupt classified operations. Develop and publish the Cryptographic Modernization strategy to identify, standardize, and govern the insertion of IA capabilities to bridge operational gaps and support the DoD and NSA mandated requirements to enhance network capacity while providing for secure information exchange of voice, video, and data IAW the Army Network Campaign Plan. This will be accomplished by interoperability evaluation, standards testing, and IA System of System Network Vulnerability Assessments (IA SoS NVA) of Army Capability Sets for IA/COMSEC capabilities that provide protections for fixed infrastructure post, camp, and station networks. The Defensive Cyberspace Operations (DCO) program provides initial capabilities that enable passive and active cyberspace defense operations to preserve friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems. Big Data Pilot provides an advanced analytics capability capable of ingesting structured, semi-structured, and unstructured data from multiple data sources (e.g., Joint Regional Security Stacks (JRSS), intrusion detection systems, intrusion prevention systems, network device log files, trouble tickets, firewalls, proxies, web and applications server log files, etc) and proves situational awareness of cyberspace battlefield. It provides the computer network defense provider with common analytic platform which informs and reduces risk associated with future material solutions and forms a blueprint for future Big Data Analytics. Big Data (analysis-of-all DoD Information Network sensor data) provides two optimized and accredited clusters deployed in support of JRSS and Defense Research and Engineering Network (DREN) with a tools suite accessible to Cyber Mission Forces via secure remote access. The Army's DCO activities are a construct of active cyberspace defenses which provide synchronized, real-time capability to discover, detect, analyze, and mitigate threats to and vulnerability of DoD networks and systems. The Army Key Management System (AKMS) is the Army's implementation of the National Security Agency's (NSA) Electronic Key Management System (EKMS) program automating the functions of Communications Security (COMSEC) electronic key management, control, planning, and distribution. AKMS supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMS System of Systems (SoS) systems components are the Local COMSEC Management Software (LCMS), Automated Communications Engineering Software (ACES) and Simple Key Loader (SKL). The NSA EKMS program is being replaced by the NSA Key Management Infrastructure (KMI) Program. The transition of the legacy EKMS LCMS to the modern KMI Management Client Nodes (MGC)s began in FY12 and must be completed by the EKMS Tier 2 sunset date of December 2017. AKMS supports the transition to Army Key Management Infrastructure (AKMI). The Army Key Management Infrastructure (AKMI) is the Army's implementation of the National Security Agency's (NSA) Key Management Infrastructure (KMI) ACAT IAM program. AKMI supports Department of Defense (DoD) Global Information Grid (GIG) Net Centric and Crypto Modernization Initiatives and supports emerging requirements transitioned from the Army Key Management System (AKMS). AKMI automates the functions of Communications Security (COMSEC) electronic key management, control, planning, and distribution. AKMI supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMI Program includes the Management Clients (MGC), Automated Communications Engineering Software (ACES) and Next Generation Load Device (NGLD) Family of devices to include the NGLD Small, Medium and Large. AKMI provides an integrated, operational environment that brings essential key management functions in-band. Objective AKMI will leverage NSA KMI program to provide secure software provisioning, will support legacy and modern ECU’s, simplifies all aspects of key provisioning and ECU management with traceability to individuals, expands operations to DoD unclassified networks, North Atlantic Treaty Organization (NATO) and Coalition users, automates manual business processes to increase Soldier efficiency, transforms key delivery from manual to an automate enterprise service and will provide an Over the Network Keying (OTNK) capability to support Cryptographic Modernization Initiatives (CMI). The Crypto Modernization program supports using NSA developed COMSEC technologies within the Army providing encryption, trusted software, or standard operating procedures, and integrating these mechanisms into specified systems in support of securing the National Network Enterprise in as transparent a manner as possible. This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates emerging Information Assurance (IA)/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp, and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance and the Army Modernization and Strategy Plan. Embedded Cryptographic Modernization Initiative (ECMI) is an upgrade activity that will ensure enduring Army radios remain secure by operating with modern crypto keys. Tactical radios using embedded cryptographic systems will no longer be able to communicate securely after Crypto Keys expire due to Cease Key dates documented in the Chairman of the Joint Chiefs Staff instruction (CJCSI) 6510. In order to ensure Warfighters continue to have secured communications (i.e., encrypted data and voice), Army tactical radios are required to modernize their cryptographic capabilities by implementing the modern algorithms. If cease key dates are not met, Army will be forced to communicate at risk.

Document Details

Document Type

R2 Budgetary Justification

Publication Date

Oct 01, 2017

Source ID

0303140A_7_2040_PB_2017

Change Summary Explanation

In FY17 the following net adjustments were made: Information Assurance Devleopment (491): Reduction of $.275M Army Key Management (501): Reduction of $0.045M Key Management Infrastructure (DV4): Increase of $2.317M Crypto Modernization (DV5): Increase of $9.258M for government purpose rights software upgrades and development contracts. Embedded Crypto Modernization (ET9): Funding line was added in the amount of $4.585 million for embedded crypto modernization in Army radios.

Service Agency Name

Army

Entities

Tags

Related Documents

• Child Project: Information Assurance Development
• Child Accomplishment: Assessing emerging COMSEC hardware and software systems and products (PL Net E)
• Child Accomplishment: The Defensive Cyberspace Operations (DCO) - Big Data Pilot (PL ES-CYBER)
• Child Accomplishment: Oversight and implementation guidance of emerging Cryptographic and IA capabilities to ensure interoperability to maintain compliance with DoD, NSA, and Army policies and regulations. (CIO/G6)
• Child Cost Item: 4b796b86a41781a8699bc504c5205175
• Child Cost Item: 1b7692e11cf36fa836d81276c11ff5c2
• Child Cost Item: 02973e4473dc6e93797f86f189f9451b
• Child Cost Item: a42831cf11a21c5e0bac7a2d39efeca1
• Child Cost Item: 191f33b80d9fa7f37d9cac60f349cf92
• Child Cost Item: 2dee8922284d49767436a4c9c48c5899
• Child Cost Item: 85823ab2f710ff2ac516fd065c3af15d
• Child Cost Item: eb55e6f3d947e666b6ce9afa7443f75e
• Child Cost Item: 010dc5df53de1dc4dde11305cf0875a1
• Child Cost Item: bda00f2e83e5d75be58c9ca08892f89d
• Child Cost Item: bf7210bb2eb040eed0ccc6dde3648dce
• Child Cost Item: 348e367ee26d2f1df013b67186e40011
• Child Project: Army Key Mgt System
• Child Accomplishment: Mission Planning Management Support System (MPMSS) Interface
• Child Accomplishment: Key Management Infrastructure (KMI) Awareness for Legacy Devices
• Child Cost Item: 2be56571f114c5a9d82cec00723e814b
• Child Cost Item: 473f9f40717131eb5c675254f3ded0c9
• Child Cost Item: a50a8d0b3b6b09cec52dcf59cb681a2c
• Child Cost Item: b7d5dcd3dd43dfd9e62e2f51a6e7b8b6
• Child Cost Item: 15c5057ff2e2da2493b727dbb1b1d326
• Child Project: Key Management Infrastructure (KMI)
• Child Accomplishment: Key Management Infrastructure (KMI) Awareness (RESCUE / KOV-21 Replacement Effort)
• Child Cost Item: 9b1a0dc2ab102776aa77b6c462878c4e
• Child Cost Item: 293b124da08ef55108821904c555671c
• Child Project: Crypto Modernization (Crypto Mod)
• Child Accomplishment: VINSON/ANDVT (Advanced Narrowband Digital Voice Terminal) Cryptograph Modernization (VACM) program
• Child Accomplishment: Cryptographic Systems Test and Evaluation
• Child Accomplishment: High Assurance Internet Protocol Encryption (HAIPE) extension manager
• Child Accomplishment: Embedded Cryptographic Modernization Initiative
• Child Accomplishment: Embedded Cryptographic Modernization Initiative Govt Purpose Rights Software Upgrade
• Child Accomplishment: Embedded Cryptographic Modernization Initiative Development Contracts
• Child Cost Item: 4ae7cec449e4bd5f4386af5613339194
• Child Cost Item: 50a30376020cddb1a4ff9a3e8cdd8f03
• Child Cost Item: 19e710e02500a6025c2e8a8e937a6b34
• Child Cost Item: f182b2a107e618fda6b21166fd1e325b
• Child Cost Item: e9cc27df825e9e1126ddc29e26b454a5
• Child Cost Item: 1dd777d4ebca24b7297df159279befa2
• Child Cost Item: 31a4c4251e75544db919f8bc55af699b
• Child Cost Item: 7a79c0951ffb090663172199e88fe5ff
• Child Project: Embedded Crypto Modernization (CRYPTO MOD)
• Child Accomplishment: Embedded Cryptographic Modernization Initiative
• Child Cost Item: 60082d0727f2940880a08fc1e05a6626
• Child Cost Item: efaaca6e79ec6dedf6a1fe6beb711b54
• Child Cost Item: 27443e1bb19889fd9406b9d2529c2081