Army Key Mgt System

Abstract

The Army Key Management System (AKMS) is the Army's implementation of the National Security Agency's (NSA) Electronic Key Management System (EKMS) program automating the functions of Communications Security (COMSEC) electronic key management, control, planning, and distribution. AKMS supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMS System of Systems (SoS) systems components are the Local COMSEC Management Software (LCMS), Automated Communications Engineering Software (ACES) and Simple Key Loader (SKL). The NSA EKMS program is being replaced by the NSA Key Management Infrastructure (KMI) Program. The transition of the legacy EKMS LCMS to the modern KMI Management Client Nodes (MGC)s began in FY12 and must be completed by the EKMS Tier 2 sunset date of December 2017. AKMS supports the transition to Army Key Management Infrastructure (AKMI). Some components of the AKMS SoS will be replaced under AKMI while others will be modified or adapted to meet the new AKMI requirements. Two critical components required for the transition include the development of the Mission Planning Management Support System (MPMSS) and the ability to support Over the Network Keying (OTNK). MPMSS creates a secure, highly automated interface enabling transparent provisioning of KMI products. MPMSS capability is developed by NSA but each Service is responsible for interface development and final integration into their infrastructure. ACES is the initial target for the interface to MPMSS. NSA will be providing additional capabilities and updates to the MPMSS interface specification through FY17. The Army must then adjust to these changes delivered by NSA. One major enhancement in the KMI architecture is the ability for OTNK. The end state for the Army is to make all 1.5 million legacy ECUs KMI aware with OTNK. Within AKMS this capability will be focused on the SKL. The SKL will act as an interim solution for all legacy ECUs to be recognized on the KMI network until they can be upgraded to be fully KMI aware. OTNK developments are expected to begin in FY2015 and continue throughout the POM. To support this transition, a new KMI compliant cryptographic engine must be developed. The KOV-21 card used in current Army Tier 3 fill devices has hardware obsolescence issues and does not support OTNK. Redesigning and developmental efforts using modern and readily available components for use in the Army's SKL devices have been initiated. The redesign of the current KOV-21 card is referred to as the KOV-21 Replacement and is an extension of the KOV-21 card as a technology insertion.

Document Details

Document Type

Project

Publication Date

Oct 01, 2016

Source ID

501_0303140A_7_2040_PB_2016

Tags

Related Documents

• Root: Information Systems Security Program
• Child Accomplishment: Mission Planning Management Support System (MPMSS) Interface
• Child Accomplishment: Key Management Infrastructure (KMI) Awareness for Legacy Devices
• Child Cost Item: a2ef1a8a91fea7aafbee473c5ed5a0a5
• Child Cost Item: e7a92dec0f2d31dec8840207fc7e76ea
• Child Cost Item: 0f7e5ca283283bb0bf55ba9246f3de5a
• Child Cost Item: 669330bbb941debbbb9432a515469164
• Child Cost Item: 1ffac5183f3b682adabfbc82b314f54e