Key Management Infrastructure (KMI)
Abstract
The Army Key Management Infrastructure (AKMI) is the Army's implementation of the National Security Agency's (NSA) Key Management Infrastructure (KMI) ACAT IAM program. AKMI supports Department of Defense (DoD) Global Information Grid (GIG) Net Centric and Crypto Modernization Initiatives and supports emerging requirements transitioned from the Army Key Management System (AKMS). KMI automates the functions of Communications Security (COMSEC) electronic key management, control, planning, and distribution. KMI supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems.
The AKMI System of Systems (SoS) includes the Management Clients (MGC), Automated Communications Engineering Software (ACES) and Next Generation Load Device (NGLD) Family. KMI provides an integrated, operational environment that brings essential key management personnel and functions in-band. AKMI achieves an Over the Network Keying (OTNK) solution to support emerging cryptographically modernized systems.
Two critical components required for the transition of AKMS to AKMI are the development of the Mission Planning Management Support System (MPMSS) and the ability to support OTNK. MPMSS creates a secure, highly automated interface enabling transparent provisioning of KMI products. The MPMSS capability is developed by NSA, but each Service is responsible for interface development and final integration into its own infrastructure. ACES is the initial target for the interface to MPMSS. The developmental efforts for MPMSS are resourced in the 501 project line. One major enhancement in the KMI architecture is the OTNK capability. The end state for the Army is to make all 1.5 million legacy ECUs KMI aware with OTNK.
The OTNK capabilities within the AKMI SoS will be found in the Next Generation Fill device family as outlined within the NGLD Capabilities Production Document. NGLD will be an enduring solution to bridge the gap until ~1.5 million legacy ECUs can be recognized on the KMI network or until they can be upgraded to be fully KMI aware. The NGLD is reliant on a new KMI-compliant cryptographic engine that must be developed. The KOV-21 card used in current Army Tier 3 fill devices has hardware obsolescence issues and does not support OTNK. Redesign and development efforts using modern, readily available components for use in the Army's SKL devices have been initiated. The redesign of the current KOV-21 card is referred to as the KOV-21 Replacement and is an extension of the KOV-21 card as a technology insertion.
Document Details
- Document Type: Project
- Publication Date: Oct 01, 2016
- Source ID: DV4_0303140A_7_2040_PB_2016
Related Documents
- Root: Information Systems Security Program
- Child Accomplishment: Key Management Infrastructure (KMI) Awareness (RESCUE / KOV-21 Replacement Effort)
- Child Accomplishment: Key Management Infrastructure (KMI) Awareness
- Child Cost Item: 4330e403e0d3367fe4c56d080c12c8cb
- Child Cost Item: 18ecad319e9e65e596730bffc1d2e59a