Information Systems Security Program

Abstract

The Information Systems Security Program funding line supports the Army's Network Modernization Strategy Line of Effort (LOE) 1, Unified Network. Project 491: Information Assurance (IA) Development supports the implementation of the National Security Agency (NSA) developed Communications Security (COMSEC) technologies within the Army by providing COMSEC system capabilities through encryption, trusted software or standard operating procedures, and integrating these mechanisms into specific systems in support of securing the Army Tactical and Enterprise Networks. This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates Cyber Security (CS)/COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp and station networks as well as tactical networks. The cited work is consistent with Strategic Planning Guidance (SPG) and the Army Modernization and Strategy Plan (AMSP). IA Development funding implements and establishes functional and technical boundaries of cryptographic, key management and IA capabilities in coordination with the NSA, the DISA, and Joint Services, to secure National Security Systems (NSS), and National Security Information (NSI). Technical evaluations assess the security, operational effectiveness and network interoperability of advanced concept technologies to develop policies, standards, and fundamental building blocks for Army COMSEC capabilities that reduce the risk of future material solutions that could underperform and disrupt classified operations. Develop and publish the COMSEC Implementation Planning Guidance to identify, standardize, and govern the insertion of CS capabilities to bridge operational gaps and support the DoD and NSA mandated requirements to enhance network capacity while providing for secure information exchange of voice, video, and data in accordance with the Army Network Campaign Plan. This will be accomplished by interoperability evaluation, standards testing, and CS, System of System Network Vulnerability Assessments (SoS NVA) for Army Capability Sets for CS/COMSEC capabilities that provide protections for tactical and fixed infrastructure post, camp, and station networks. The Defensive Cyberspace Operations (DCO) program provides initial capabilities that enable passive and active cyberspace defense operations to preserve friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems. Big Data Pilot provides an advanced analytics capability capable of ingesting structured, semi-structured, and unstructured data from multiple data sources (e.g., Joint Regional Security Stacks (JRSS), intrusion detection systems, intrusion prevention systems, network device log files, trouble tickets, firewalls, proxies, web and applications server log files, etc) and proves situational awareness of cyberspace battlefield. It provides the computer network defense provider with common analytic platform which informs and reduces risk associated with future material solutions and forms a blueprint for future Big Data Analytics. Big Data (analysis-of-all DoD Information Network sensor data) provides two optimized and accredited clusters deployed in support of JRSS and Defense Research and Engineering Network (DREN) with a tools suite accessible to Cyber Mission Forces via secure remote access. The Army's DCO activities are a construct of active cyberspace defenses which provide synchronized, real-time capability to discover, detect, analyze, and mitigate threats to and vulnerability of DoD networks and systems. Project DV4 & DV5: COMSEC is governed by the Chairman of the Joint Chiefs of Staff Instruction (CJCSA) 6510. In order to ensure Warfighters continue to have secured communications (i.e., encrypted data and voice), Army communications systems are required to support modern cryptographic capabilities by implementing modern algorithms. The Army's Mission Command Network Modernization implementation Plan, date 17 April 2018, states that LOE 1 to be a Unified Network which includes the attributes of being, "Protected, Resilient, Survivable" (p. 11) COMSEC is the Army's implementation of NSA protections to achieve LOE 1. Project DV4: The Army Key Management Infrastructure (AKMI) is the Army's implementation of the NSA KMI ACAT IAM program, automating the functions of COMSEC electronic key management, control, planning, and distribution. AKMI supports the Army's ability to communicate and distribute Cryptographic data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMI System of Systems (SoS) systems components are the Management Client (MGC), Automated Communications Engineering Software (ACES) and Next Generation Load Device (NGLD) Family of fill devices. The AKMS SoS components are the Local COMSEC Management Software (LCMS), ACES, and Simple Key Loader (SKL). Project DV5: The Army COMSEC program supports using NSA developed COMSEC technologies within the Army providing encryption, trusted software, or standard operating procedures, and integrating these mechanisms into National Security Systems (NSS), and National Security Information (NSI)systems in support of securing the Army network (which is made up of tactical and enterprise networks). This entails architecture studies, system integration and testing, developing installation kits, and certification and accreditation of Automation Information Systems. The program assesses, develops and integrates emerging COMSEC tools (hardware and software) which provide protection for fixed infrastructure post, camp, and station networks as well as tactical networks. The cited work is consistent with SPG and the AMSP. Project ET9: Embedded Cryptographic Modernization Initiative (ECMI) program was cancelled FY 2018. No FY 2020 funding is requested. Project FF8: User activity monitoring (UAM) automation/analytics will provide technical capability to enhance Army UAM analysis effectiveness and efficiency. The UAM mission is to observe and record the actions and activities of an individual, at any time, on any device accessing Army information on classified networks in order to detect insider threats and to support authorized investigations. Army UAM is a component of the Army Insider Threat (InT) Program. Army's InT Program and UAM are conducted in accordance with the National Defense Authorization Act for Fiscal Year 2012, section 922., Insider Threat Detection; Presidential Memorandum, National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs, dated 21 November 2012; Executive Order 13587, Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information, (Reference b) dated 7 October 2011, and Army Directive 2013-18 (Army Insider Threat Program), 31 July 2013. Innovative enhancements are required to improve UAM analysis productivity, data visualization, and workflow management. The analysis productivity objective is to develop and implement user behavior models that use UAM and other network data to identify anomalous user behavior over time, and to integrated new data sources into the UAM analytical data store and processing system. Data visualization advances will present UAM analysts behavior model processing results in an intuitive format that reduce the time required to review the results. Workflow management improvements will add new capabilities to the UAM workflow management system with the objective of enhancing analysis reporting productivity and metrics collection.

Open PDF

Document Details

Document Type
R2 Budgetary Justification
Publication Date
Oct 01, 2020
Source ID
0303140A_7_2040_PB_2020
Change Summary Explanation
FY 2020 funding is reduced by $25.529 million due to the cancellation of the Embedded Cryptographic Modernization Initiative (ECMI) program. FY 2019 Congressional Reduction of $26.000 million for program delay ($25.000 million) and crypto modernization inaccurate contract awards ($1.000 million). FY 2018 Congressional Reduction of $38.000 million for excess growth (13.000 million) and excess embedded crypto modernization funding due to program delay ($25.000 million); Congressional Add of $18.000 million for Cybersecurity operations center.
Service Agency Name
Army

Entities

Organizations

  • United States Army

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems
  • Human Systems

DTIC Thesaurus Topics

  • Big Data
  • Computer Networks
  • Contracts
  • Cyberspace Operations
  • Data Analysis
  • Data Visualization
  • Department Of Defense
  • Information Assurance
  • Information Systems
  • Insider Threats
  • Intrusion Detection
  • Intrusion Detectors
  • National Security
  • Product Development
  • Radio Equipment
  • Software Development
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber
  • Fully Networked C3
  • Fully Networked C3 - Command and Control
  • Microelectronics

Related Documents