Key Management Infrastructure (KMI)
Abstract
The Army Key Management Infrastructure (AKMI) is the Army's implementation of the National Security Agency's (NSA) Key Management Infrastructure (KMI) ACAT IAM program. AKMI supports Department of Defense (DoD) Global Information Grid (GIG) Net Centric and Cryptographic Modernization Initiatives (CMI) and supports emerging requirements transitioned from the Army Key Management System (AKMS). AKMI automates the functions of Communications Security (COMSEC) electronic key management, control, planning, and distribution. AKMI supports the Army's ability to communicate and distribute data on the Army's tactical and strategic networks by limiting adversarial access to, and reducing the vulnerability of, Army Command, Control, Communications, Computers, Intelligence (C4I) systems. The AKMI Program includes the Management Clients (MGC) nodes, Automated Communications Engineering Software (ACES) and Next Generation Load Device (NGLD) Family of devices to include the NGLD Small and Medium. AKMI provides an integrated, operational environment that brings essential key management functions in-band. Objective AKMI will leverage NSA KMI program to provide secure software provisioning, will support legacy and modern End Crypto Units (ECU)s, simplifies all aspects of key provisioning and ECU management with traceability to individuals, expands operations to DoD unclassified networks, North Atlantic Treaty Organization (NATO) and Coalition users, automates manual business processes to increase Soldier efficiency, transforms key delivery from manual to an automate enterprise service and will provide an Over the Network Keying (OTNK) capability to support CMI. One of the major enhancement in the AKMI architecture is the ability to leverage the various capabilities and services from NSA KMI. The end state for the Army is to leverage AKMI capabilities (OTNK, Mission Plan/Mission Support System (MP/MSS), Delivery Only Client (DOC), Client Host Only (CHO)) to increase automation, reduce soldier oversight, manage, and deliver key products to the tactical edge up through strategic ECU's. The objective AKMI capabilities will be found in all of the products across the AKMI product line to include MGC, ACES and NGLD family of fill devices. NGLD family will be an enduring solution to bridge the gap until legacy ECUs are fully modernized. The NGLD Medium is reliant on the Reprogrammable Single Chip Universal Encryptor (RESCUE), a new KMI compliant cryptographic engine that is currently being developed. The KOV-21 card currently used in Army Simple Key Loader (SKL) fill devices has hardware obsolescence issues and does not support OTNK. Redesign and developmental efforts using modern and readily available components for use in the Army's SKL devices have been initiated under the RESCUE program. The current KOV-21 card is referred to as the KOV-21 Replacement and is an extension of the RESCUE program as a technology insertion. The follow-on RESCUE technology development will start in FY2018.
Document Details
- Document Type
- Project
- Publication Date
- Oct 01, 2019
- Source ID
- DV4_0303140A_7_2040_PB_2019
Related Documents
- Root: Communications Security (COMSEC) Equipment
- Child Accomplishment: Key Management Infrastructure (KMI) Awareness (RESCUE / KOV-21 Replacement Effort)
- Child Cost Item: 2ec281a20cd277c0dcd89ca24ee1c350
- Child Cost Item: f3e4bea815b1fb0190d41bdaeb87ac7f
- Child Cost Item: 386379d9586f79b90f248d47bb9f1a91