AF Key Management Infrastructure (AF KMI)
Abstract
The Air Force Key Management Infrastructure (AF KMI) Program consists of multiple developments supporting the AF requirements/portion of the DoD Key Management Infrastructure (KMI). The National Security Agency (NSA) acts as the Executive Agent for the DoD KMI Program. AF KMI, in concert with this overarching DoD KMI Program, will provide a secure and flexible capability for the electronic generation, distribution, accounting, and management of key material and other communications security (COMSEC) materials for all DoD Command, Control, Communications, Computers, and Intelligence (C4I) systems and for the Services' weapon systems. KMI represents a broad-scale replacement of the current Electronic Key Management System (EKMS). KMI will provide capabilities that will allow networked operation in consonance with the AF Information Network and other DoD, fellow Service, and AF enterprise objectives. It thereby will assure a viable support infrastructure for future weapons and C4I programs to incorporate key management into their system designs. The DoD KMI will greatly improve protection of national, security-related information by substantially enhancing confidentiality, integrity, and non-repudiation characteristics over the legacy EKMS. KMI will greatly accelerate the availability of crypto key materials through electronic transmission versus shipping of materials, will enhance mission responsiveness and flexibility, and will eventually take the man "out-of-the-loop" in the distribution of crypto key materials. The AF KMI Program in concert with the DoD KMI Program is transitioning the Air Force from the legacy EKMS to modern DoD KMI and building the AF KMI Last Mile architecture. This Research and Development effort includes system engineering, development and testing to successfully implement the AF KMI Last Mile architecture as part of the AF Key Management Enterprise (KME). The AF KMI Last Mile program is a holistic solution integrating the legacy and new and evolving cryptographic programs, materials, products, sources and consumers. The AF KMI Last Mile capabilities include as part of the AF KME distribution, management, and load of cryptographic materials from the KMI (COMSEC account) to the end cryptographic unit (ECU). It builds the linkage interfaces that will allow KMI systems to communicate and integrates other related developments to meet operational needs. AF KMI Last Mile is currently in the Development Phase. Activities also include studies and analysis to support both current program planning and execution and future program planning. In parallel with AF KMI, DoD and the Services are addressing the need for a new generation of future KMI-aware ECU that will be capable of direct interaction with the DoD KMI Enterprise, under the Joint Crypto Modernization Initiative (PE0303140F, BPAC 675100, Cryptographic Modernization, supports this initiative). In some cases these new ECUs, although needing to be supported by KMI, will not be KMI network-connected. "Last mile" transport of black (aka benign, or encrypted) and red (unencrypted) keying material from a KMI client to a new generation ECU or current legacy ECU will need to be handled in the early years by one of two data transfer devices. Initial early systems engineering must also be addressed to accommodate future connectivity between the DoD KMI and future KMI Aware/Enabled ECUs. This enabling form factor functionally defined as a common ECU KMI aware/enabled key load module. This is targeted to be a standardized module to be provided to ECU developers and, as such, it must precede any future ECU developments.
Document Details
- Document Type
- Project
- Publication Date
- Oct 01, 2018
- Source ID
- 675231_0303140F_7_3600_PB_2018
Related Documents
- Root: Information Systems Security Program
- Child Accomplishment: Air Force KMI Last Mile Space & Naval Warfare Systems Command (SPAWAR) Support(Tier 3)
- Child Accomplishment: Air Force KMI Last Mile (Tier 3)