AF Electronic Key Management System (AF EKMS)
Abstract
The AF EKMS Program consists of multiple developments supporting the Air Force requirements/portion of the DoD EKMS Program. (The National Security Agency (NSA) acts as the Executive Agency for the DoD EKMS Program.) AF EKMS, in concert with the overarching DoD EKMS Program, provides a secure and flexible capability for the electronic generation, distribution, accounting, and management of key material, voice callwords, and communications security (COMSEC) publications for the current generation of DoD Command, Control, Communications, Computers, and Intelligence (C4I) and for current generation of weapon systems. EKMS replaced the previous manual distribution and management system providing cryptographic keying material for U.S. DoD Information Assurance. Information Assurance emphasizes confidentiality, access control, multi-level secure databases, trusted computing and information integrity. AFEKMS has a three-tier hierarchical structure. This tiered structure provides 'wholesale' to 'retail' to 'consumer' capability to distribute, manage and account for COMSEC keying material. Tier 1 installations comprise the wholesale generation and control capability. Tier 2 installations comprise the local distribution network and Tier 3 comprises the retail where keying material leaves the AFEKMS and enters the consumer End Cryptographic Units (ECUs). EKMS improved protection of national security-related information by substantially enhancing confidentiality, integrity, and non-repudiation characteristics over the legacy manual key management systems. EKMS has and continues to greatly accelerate availability of crypto key materials through electronic transmission versus the manual handling and shipping of materials. While the current EKMS level-of-effort is directed at enhancing current and developing systems, the ultimate goal is for it to provide a temporary bridge to the DoD Key Management Infrastructure (KMI) Capability Increment (CI)-2, and then a migration path to the "full-up" KMI CI-3. Once KMI CI-3, with its advanced key generation/key distribution capability is fielded and operational, KMI interfaces to EKMS will be severed. Beginning KMI CI-2 functionality is expected in 2011. DoD KMI has incurred schedule slips. As a result, the AFEKMS Program continues software development to support emerging requirements during the transition period to KMI. Initially, End User Application Software development represented Tier 2 requirements. The KMI fielding delays warranted combining Tier 2 and Tier 3 development projects as the transition period extended. End User Application Software development ends with the Demand Management Device Power Station (DMD PS) 5.01 release. Common User Application Software (CUAS), DMD and related computer based training continues under Tier 2/3 development for emerging requirements in the FYDP. Activities also include studies and analysis to support both current program planning and execution and future program planning. This project is in Budget Activity 7, Operational System Development, because it addresses the development and transition of information security, protection, and defensive capabilities and technologies.
Document Details
- Document Type
- Project
- Publication Date
- Oct 01, 2011
- Source ID
- 674861_0303140F_7_3600_PB_2011
Related Documents
- Root: Information Systems Security Program
- Child Accomplishment: MAJOR THRUST: Program office support to the AFEKMS Program for planning and migration to Key Management Infastructure (KMI).
- Child Accomplishment: MAJOR THRUST: Tier 2 (base COMSEC account)/Tier 3 (key material field devices) development for emerging requirements.
- Child Cost Item: 834fff81e2abd19e0bc669e63a06dcfb
- Child Cost Item: af4975d6f1b9ea90cc8e4165a207d056
- Child Cost Item: 0756569598f9d50ae164419888deac21