Army Key Mgt System

Abstract

The Army Key Management System (AKMS) is the Army's implementation of the National Security Agency's (NSA) Electronic Key Management System (EKMS) program, which automates the functions of Communications Security (COMSEC) key management, control, and distribution, thereby limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. NSA's legacy EKMS infrastructure began its transition to the Key Management Infrastructure (KMI) in FY2012. The transition is set to be completed by the EKMS sunset date of December 2017 and will require a minimum of 528 Management Client Nodes (MGCs) to transition the existing Army COMSEC accounts from the Local COMSEC Management System (LCMS) to KMI.

AKMS supports the Mission Planning/Mission Support System (MP/MSS), a critical component of the transition to the Army Key Management Infrastructure (AKMI). MP/MSS creates a secure, highly automated interface enabling transparent provisioning of KMI products. MP/MSS is developed by NSA; each service is responsible for integration efforts specific to its infrastructure requirements. Updates to the MP/MSS Interface Specification and additional capabilities for the base interface will be completed in FY2014.

The KOV 21 card, previously in production through NSA for use in the Simple Key Loader (SKL) and the Secure DTD 2000 System (SDS), is nearing the end of life due to unavailability of parts. Redesign and development efforts using modern and readily available components for use in the Army's SKL devices are currently underway. The redesign of the current KOV 21 card has been dubbed the KOV 21-A and is an extension of the KOV 21 card as a technology insertion.

AKMS also supports Over the Network Keying (OTNK) and Over the Air Rekeying (OTAR) efforts for legacy devices, including the Simple Key Loader (SKL). OTNK is a requirement in the Next Generation Load Device (NGLD) CPD and KMI CI-2 CPD. OTNK will allow KMI to extend Distribution Services to Type 1 devices over the network, thus simplifying key change-over and task reorganization. OTAR is the method of updating and changing encryption keys in a two-way radio system over the radio channel. The use of OTAR drastically reduces the distribution of physical keying material and the physical process of loading cryptographic devices with key tapes. OTNK and OTAR developments are expected to begin in FY2016 and continue throughout the POM. Developing this capability in the SKL will allow the ~1.5M legacy End Crypto Units (ECUs) to be recognized on the KMI network until they can be upgraded to be KMI aware.

Document Details

Document Type: Project
Publication Date: Oct 01, 2015
Source ID: 501_0303140A_7_2040_PB_2015

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity

Technology Areas

  • Fully Networked C3
  • Fully Networked C3 - Command and Control
  • Microelectronics
