Army Key Mgt System

Abstract

The Army Key Management System (AKMS) is the Army's implementation of the National Security Agency's (NSA) Electronic Key Management System (EKMS) program automating the functions of Communications Security (COMSEC) electronic key management, control, planning, and distribution. AKMS supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMS System of Systems (SoS) components are the Local COMSEC Management Software (LCMS), Automated Communications Engineering Software (ACES) and Simple Key Loader (SKL). The NSA EKMS program is being replaced by the NSA Key Management Infrastructure (KMI) Program. The transition of the legacy EKMS LCMS to the modern KMI Management Client (MGC) nodes began in FY12 and must be completed by the EKMS Tier 2 sunset date of December 2017. AKMS supports the transition to Army Key Management Infrastructure (AKMI). Some components of the AKMS SoS will be replaced under AKMI while others will be modified or adapted to meet the new AKMI requirements. Two critical components required for the transition include the development of the Mission Planning Management Support System (MPMSS) and the ability to support Over the Network Keying (OTNK). MP/MSS creates a secure, highly automated interface enabling secure transparent provisioning of KMI products. MP/MSS service is being developed by NSA but each Service is responsible for interface development and final integration into their infrastructure. ACES is the initial target for the interface to MPMSS. NSA will be providing additional capabilities and updates to the MP/MSS interface specification through technology insertions in the out years. The Army must then adjust to these changes delivered by NSA. One of the major enhancement in the KMI architecture is the ability to leverage OTNK. The end state for the Army is to leverage AKMI capabilities (OTNK, Mission Plan/Mission Support System (MP/MSS), Delivery Only Client (DOC), Client Host Only (CHO)) to increase automation, reduce soldier oversight, manage, and deliver key products to from the tactical edge up through strategic ECU's. Within AKMS this capability will be focused on ACES and SKL platform. ACES and SKL will act as an interim solution for all legacy ECUs to be recognized on the KMI network until they can be upgraded to be fully KMI aware. OTNK developments began in FY2015. To support this transition, a new KMI compliant cryptographic engine must be developed for the SKL platform. The KOV-21 card used in current Army Tier 3 fill devices has hardware obsolescence issues and does not support the new capabilities being delivered by KMI. Redesigning and developmental efforts using modern and readily available components for use in the Army's SKL devices have been initiated. The redesign of the current KOV-21 card is referred to as the KOV-21 Replacement and is an extension of the KOV-21 card as a technology insertion. AKMS RDT&E funding line 501 realigned to DV4 / KMI FY17 and out.

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2018
Source ID
501_0303140A_7_2040_PB_2018

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Fully Networked C3
  • Fully Networked C3 - Command and Control
  • Microelectronics

Related Documents