Key Management Infrastructure (KMI)
Abstract
Key Management Infrastructure (KMI) provides an integrated, operational environment that brings essential key management personnel and functions in-band. KMI achieves an over-the-network keying (OTNK) solution to support emerging cryptographically modernized systems. The Army Key Management Infrastructure (AKMI) is the Army's subset of the National Security Agency's (NSA's) KMI Program supporting Department of Defense (DoD) Global Information Grid (GIG) Net Centric and Crypto Modernization Initiatives, and it supports emerging requirements transitioned from the Army Key Management System (AKMS).

The Mission Planning/Mission Support System (MP/MSS) for KMI creates a secure and highly automated interface to enable transparent provisioning of KMI products. The interface facilitates transparent communications between MP/MSS and KMI, achieving integration by bridging the gap between provisioning services and the communications net plan of the Warfighter. The MP/MSS Interface Specification defines the interface between the KMI Management Client Node (MGC) and the Mission Planning System operating on the Secure Internet Protocol Router Network (SIPRNET). This interface definition covers the key ordering, management, and distribution transactions that were decomposed based upon an Army Mission Planning System collaborating with KMI to fulfill mission requirements in a highly automated manner.

The initial developmental efforts for MP/MSS were carried in the AKMS line through FY 2014. Continuing support relative to KMI requirements and additional capabilities for the interface are scheduled to begin in FY 2015. Activities include Application Programming Interface (API) requirements that are defined in the MGC Spiral II. Major capabilities include development of mission planning data fields, access control, signature validation, Tier 3 Accounting Data Exchange, MP/MSS registration with KMI, and product request management.
These interfaces are required for integration into the Army's existing Key Management Planner, Automated Communications Engineering Software/Joint-Automated Communications Electronics Operating Instruction Systems (ACES/JACS).

AKMI also supports efforts of OTNK and Over the Air Rekeying (OTAR) for emerging devices including the Simple Key Loader (SKL). OTNK is the KMI interface for providing net-centric services to the customers of KMI. OTNK is expected to allow KMI to extend Distribution Services to Type 1 devices. OTAR is the method of updating or changing encryption keys in a two-way radio system over the radio channel. The use of OTAR drastically reduces the distribution of physical keying material and the physical process of loading cryptographic devices with key tapes. OTNK and OTAR developments are expected to begin in FY 2016 and continue throughout the POM.

The KOV 21 card, previously in production through NSA for use in the Simple Key Loader (SKL) and the Secure DTD 2000 System (SDS), is nearing the end of life due to unavailability of parts. Redesign and development efforts using modern and readily available components for use in the Army's SKL and NGLD devices are currently underway. The redesign of the current KOV 21 card has been dubbed the KOV 21-A and is an extension of the KOV 21 card as a technology insertion. The KOV 21-A will also address requirements codified in the NGLD CPD and the KMI CPD that were technologically unachievable with the KOV 21 card. Through insertion of the KOV 21-A into a technologically enhanced SKL, NGLD Medium requirements and OTNK can be achieved to take full advantage of the KMI architecture.
Document Details
- Document Type: Project
- Publication Date: Oct 01, 2015
- Source ID: DV4_0303140A_7_2040_PB_2015
Related Documents
- Root: Information Systems Security Program
- Child Accomplishment: KOV-21-A Development
- Child Accomplishment: Key Management Infrastructure (KMI) Awareness
- Child Cost Item: c428eaccfb20ee2fb81695900554908f
- Child Cost Item: 7080575bca53b0de4bb75bc5f89b3f85