Information Systems Security Program

Abstract

Information Assurance Development supports the implementation of the National Security Agency (NSA) developed Communications Security (COMSEC) technologies within the Army by providing COMSEC system capabilities through encryption, trusted software or standard operating procedures, and integrating these mechanisms into specific systems in support of securing the Army Tactical and Enterprise Networks. This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates Cyber Security (CS)/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance and the Army Modernization and Strategy Plan. Information Assurance Development funding Implements and establishes functional and technical boundaries of cryptographic, key management and Information Assurance (IA) capabilities In Coordination With (ICW) the NSA, the Defense Information Systems Agency (DISA), and Joint Services, to secure National Security Systems (NSS), and National Security Information (NSI). Technical evaluations assess the security, operational effectiveness and network interoperability of advanced concept technologies to develop policies, standards, and fundamental building blocks for Army COMSEC capabilities that reduce the risk of future material solutions that could underperform and disrupt classified operations. Develop and publish the Cryptographic Modernization strategy to identify, standardize, and govern the insertion of CS capabilities to bridge operational gaps and support the Department of Defense (DoD) and NSA mandated requirements to enhance network capacity while providing for secure information exchange of voice, video, and data IAW the Army Network Campaign Plan. This will be accomplished by interoperability evaluation, standards testing, and CS , System of System Network Vulnerability Assessments (SoS NVA) for Army Capability Sets for CS/COMSEC capabilities that provide protections for tactical and fixed infrastructure post, camp, and station networks. The Defensive Cyberspace Operations (DCO) program provides initial capabilities that enable passive and active cyberspace defense operations to preserve friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems. Big Data Pilot provides an advanced analytics capability capable of ingesting structured, semi-structured, and unstructured data from multiple data sources (e.g., Joint Regional Security Stacks (JRSS), intrusion detection systems, intrusion prevention systems, network device log files, trouble tickets, firewalls, proxies, web and applications server log files, etc) and proves situational awareness of cyberspace battlefield. It provides the computer network defense provider with common analytic platform which informs and reduces risk associated with future material solutions and forms a blueprint for future Big Data Analytics. Big Data (analysis-of-all DoD Information Network sensor data) provides two optimized and accredited clusters deployed in support of JRSS and Defense Research and Engineering Network (DREN) with a tools suite accessible to Cyber Mission Forces via secure remote access. The Army's DCO activities are a construct of active cyberspace defenses which provide synchronized, real-time capability to discover, detect, analyze, and mitigate threats to and vulnerability of DoD networks and systems. The Army Key Management System (AKMS) is the Army's implementation of the NSA Electronic Key Management System (EKMS) program automating the functions of COMSEC electronic key management, control, planning, and distribution. AKMS supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMS System of Systems (SoS) systems components are the Local COMSEC Management Software (LCMS), Automated Communications Engineering Software (ACES) and Simple Key Loader (SKL). The NSA EKMS program is being replaced by the NSA Key Management Infrastructure (KMI) Program. The transition of the legacy EKMS LCMS to the modern KMI Management Client (MGC) Nodes began in FY12 and must be completed by the EKMS Tier 2 sunset date of December 2017. AKMS supports the transition to Army Key Management Infrastructure (AKMI). The AKMI is the Army's implementation of the NSA KMI ACAT IAM program. AKMI supports DoD Global Information Grid (GIG) Net Centric and Cryptographic Modernization Initiatives (CMI) and supports emerging requirements transitioned from the AKMS. AKMI automates the functions of COMSEC electronic key management, control, planning, and distribution. AKMI supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMI Program includes the MGC nodes, ACES and Next Generation Load Device (NGLD) Family of devices to include the NGLD Small, Medium and Large. AKMI provides an integrated, operational environment that brings essential key management functions in-band. Objective AKMI will leverage NSA KMI program to provide secure software provisioning, will support legacy and modern ECU’s, simplifies all aspects of key provisioning and ECU management with traceability to individuals, expands operations to DoD unclassified networks, North Atlantic Treaty Organization (NATO) and Coalition users, automates manual business processes to increase Soldier efficiency, transforms key delivery from manual to an automate enterprise service and will provide an Over the Network Keying (OTNK) capability to support CMI. The Crypto Modernization program supports using NSA developed COMSEC technologies within the Army providing encryption, trusted software, or standard operating procedures, and integrating these mechanisms into specified systems in support of securing the Army Tactical and Enterprise Network. This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates emerging CS/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp, and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance and the Army Modernization and Strategy Plan. Embedded Cryptographic Modernization Initiative (ECMI) is an upgrade activity that will ensure enduring Army radios remain secure by operating with modern cryptographic algorithms and keys. Tactical radios using embedded cryptographic systems will no longer be able to communicate securely after cease key dates documented in the Chairman of the Joint Chiefs Staff instruction (CJCSI) 6510. In order to ensure Warfighters continue to have secured communications (i.e., encrypted data and voice), Army tactical radios are required to modernize their cryptographic capabilities by implementing modern algorithms. If cease key dates are not met, the Army will be forced to communicate at risk.

Open PDF

Document Details

Document Type: R2 Budgetary Justification
Publication Date: Oct 01, 2018
Source ID: 0303140A_7_2040_PB_2018
Change Summary Explanation: FY16 increase to project 491 supports Defensive Cyber Pilot efforts. In FY18 the following net adjustments were made: Crypto Modernization (DV5): Decrease of $1.390 million based on requirement adjustment. Embedded Crypto Modernization (ET9): Increase of $61.693 million for embedded crypto modernization in Army radios. Information Assurance (491): Increase of $.102 million based on requirement adjustment. Key Management Infrastructure (DV4): Decrease of $.860 million based on requirement adjustment.
Service Agency Name: Army

Entities

Organizations

United States Army

Information Systems Security Program

Abstract

Document Details

Entities

Organizations

Tags

Communities of Interest

DTIC Thesaurus Topics

Fields of Study

Readers

Technology Areas

Related Documents