330 likes | 918 Views
UNCLASSIFIED. . PURPOSE: To present an update of the Army's Cryptographic Modernization (CM) Initiative and Key Management (KM) efforts.OBJECTIVES: By the end of this presentation you will be able to:Emphasize the driving forces of modernizationDiscuss Army's Comprehensive Crypto Mod Strateg
E N D
1. LandWarNet 2008
2. PURPOSE: To present an update of the Army’s Cryptographic Modernization (CM) Initiative and Key Management (KM) efforts.
OBJECTIVES: By the end of this presentation you will be able to:
Emphasize the driving forces of modernization
Discuss Army’s Comprehensive Crypto Mod Strategy
Explain process for capturing equipment requirements
3. 3 Modernizing our cryptographic inventory during war, transformation, and reset is challenging
Technology is in constant transition
Warfighters require the latest technology with:
Greater bandwidth, speed and more robust security
Interoperability (Net-centric and backward compatibility)
Reduced program development, faster fielding and integration
Cryptographic Modernization and Key Management are inextricably linked
4. Cryptographic Modernization Plan
Key Management
Information Systems Security Program (ISSP)
Summary
Key POCs
Useful Websites
5. Cryptographic Modernization Initiative
6. 6 Chairman of the Joint Chiefs of Staff Notice (CJCSN) 6510 provides cryptographic inventory information and changes
CM is the DoD/Joint (NSA, Services, Agencies) initiative to upgrade/replace DoD’s cryptographic inventory
CM is the planned and phased replacement of cryptographic solutions that have reached the end of their useful life
CM is being accomplished via three phases
Replacement
Modernization
Transformation
7. 7 Support to the Warfighter – Current & Future Forces
Must field latest technology to the Warfighter as quickly as possible
Existing crypto systems do not support emerging network-centric technologies
Networks cannot be compromised or “broken” while changes occur
CJCSN 6510 – CM Plan means different things to different communities
G3: Operations
G6: Information Assurance
G8: Resources
ASA(ALT): Program Development
SIGCEN: Requirements and Gap Analysis
CERDEC: Emerging Technologies Driving Factors to Modernize
8. HQDA CIO/G-6
Management Oversight
CM Strategy and Execution Plans
CERDEC PMO
Engineering (Technical and concept validation)
TRADOC/SIGCEN
Document Warfighter needs
CSLA
Logistics/material management
10. 10 Secure Communications Interoperability Protocol (SCIP) Supports wired and wireless interoperability
Secure Wireless
Includes 802.11, 802.16 and cellular functionality/ protocols
Integrates convergence of voice and data on portable device “SME PED--SIPR to the Hip”
Secure Wired
Includes PSTN, ISDN and IP functionality/protocols
Integrates convergence of PSTN and IP
Establish new baseline
STU III use ends
STE upgrades
2.6 software
KSV-21 ECC replaces KOV-14 FPCC
Migrate from PSTN to IP functionality (vIPer)
CM Efforts
11. 11 Secure Link/Trunk
Converged technology combines link and trunk encryptor families into one device
Supports downloadable algorithms and component re-configuration
Dual independent channels
Secure Network (INE)
Locks baseline “current legacy inventory” at HAIPE IS Version 1.3.5
Emerging solutions provide full HAIPE migration
Add greater bandwidth efficiency
IPv6 functionality,
HAIPE-to-HAIPE key exchange
Supports programmed upgrades of HAIPE IS Version 3.x CM Efforts (Cont’d)
12. Challenges Vendors drive product lifecycle
Crypto equipment lifecycle now 5-7 years vs. 20 years
Non-Type 1 strategy still evolving (impacts National policy and acquisition decisions)
Getting equipment to warfighter faster
Full Type Classification (TC) is a lengthy and costly process-- impacts availability
Improve CCI accountability. CCI in systems not always documented on property books
Difficult to justify replacement of equipment that is not on a Property Book (or equivalent document).
13. Transforming the Force Prior to FY08
Stopped issuing - KG-84, KG-94, KG-175, STUIII,
Production stopped- KG-175AC (classic), DTD, KIV-7 HSB, KG-75, KY57-99
New Technology- TALON, SecNet 11, SecNet 54, KG-250, KY-100
FY08
Stop issuing KY-68, KIV-7, KIV-19
Production stopped- KG-175 E-100, KG-175B, KG-235
New Technology- KG-175D, KIV-7M, vIPer, ECC, SKL, TALON, KG-255, SG-250 (FR)
FY09
Stop issuing- KOV-14 (FPCC), KG-175AC, KG-175B, KG-175 E-100
Production stopped- TBD
New Technology- KIV-19M, KG-250M, KG-250-T
14. Key Management
15. Electronic Key Management System (EKMS)
Aging system that is in need of an upgrade
Limited key distribution options
Cannot support emerging systems with increased key needs
Key Management Infrastructure (KMI)
Joint program; OSD NII program oversight; NSA is the program manager
Total DoD solution that addresses Services, Agencies, Civil organizations
Shifts towards net-centricity
Provides a secure automated distribution and accountability capability
Will support emerging crypto systems implementing new technologies
Will be provided in increments
16. 16 What Are the Tenants of KMI? Key Management tenants of KMI (performance capabilities) are as follows:
Electronic generation, distribution, ordering, production and management of key products; accountability and tracking of COMSEC material
Security foundation for modern cryptography
Potential to reduce burden on operations and personnel
Cohesive, robust infrastructure
17. 17
18. 18 Electronic Key Management System (EKMS) and KMI will co-exist as parallel systems for several years
KMI Capability Increment (CI)-2 will leverage the EKMS baseline as new capabilities are delivered to transform the infrastructure to support operations
EKMS Phase 5 is the operational baseline that the KMI transition will be based upon
Army Key Management System (AKMS) upgrading to Phase 5, but gaps are emerging between EKMS and KMI
Program Managers today need to begin planning crypto and key management changes to KMI not EKMS KMI Efforts
19. AKMS Phase 5 Enhancements Local COMSEC Management Device / Key Processor (LMD/KP) Workstation Software Upgrade
Local COMSEC Management Software (LCMS) Version 5.0.3
Common User Application Software (CUAS) Version 5.0
Card Loader User Application Software (CLUAS)
LMD/KP Workstation Communications Enhancement
Adds KG-250 In-line Network Encryptor (INE)
Creates Virtual Private Network (VPN) over SIPRNet
Automated Communications Engineering Software (ACES) Workstation Software Upgrade
Supports Black Key Distribution
Simple Key Loader (SKL) Profile Upgrades
20. Black Key
- Provides increased security during key distribution
- Uses Key Encryption Key (KEK) <KEK{TEK}KEK>
- Integrates ACES Workstation to black key distribution
- Supports emerging programs (e.g., IFF Mode 5, AEHF SMART-T, BFT, FCS)
JOSEKI
- Keyless algorithm used to encrypt classified algorithms and sensitive software
- Configuration management required
21. Information Systems Security Program (ISSP) – Army Database
22. 22 Provides capability for users to document requests for CCI solutions
Facilitates the release of equipment via HQDA approval process (G-3, G-8 and CIO/G-6)
Identifies centrally funded/unit funded CCI requirements
Provides customers with equipment availability and contract information
Use to forecast future requirements FY09-15
Customer assistance is available through the ISSPA Help Desk
23. 23 Summary The need to transform cryptographic equipment and the key management infrastructure is inescapable.
We must accomplish this effort within the framework of existing and future transformation initiatives.
We must work closely with the NSA, the acquisition community and other services to provide the latest NSA-certified, secure solutions to the Warfighter.
25. Key POCs HQDA CIO/G-6 (DSN- 332-xxxx)
Equipment Management/ Requirements
Ms Theresa Chester- Lead
Theresa.chester@us.army.mil
CML - 703-602-1245
Mr Major Lambert
major.lambertIII@us.army.mil
CML - 703-602-7497
Ms Pat Nickols
patrice.nickols@hqda.army.mil
CML - 703-602-7424
FORSCOM LNO
Mr David Lavender
David.lavender@hqda.army.mil
CML - 703-602-7423
Secure Voice
Ms Eve Geyer
eve.geyer@us.army.mil
Cell – 202-361-8549
26. Key POCs HQDA CIO/G-6 (DSN- 332-xxxx)
CM
Mr Ken Hill
Kenneth.hill@hqda.army.mil
CML- 703-602-7422
Mr Scott Henry
scott.henry@hqda.army.mil
CML - 703-602-7493
Key Management
Ms Jeanne Medeiros-Williams- Lead
Jeanne.medeiroswilliams@us.army.mil
CML - 703-602-7492
Mr Joe Bryant
joe.bryant@us.army.mil
CML- 703-602-7409
Cross Domain
Mr Mike Tyson
michael.tyson@hqda.army.mil
CML- 703-602-7487
DSN- 332-7487
27. Key POCs (Cont’d) ECOP POC (assist in posting ONS)
SSG Beckford
beckfordwm@conus.army.mil
CML- 703-614-3314
DSN- 222-3314
ECOP website- with online user’s guide www.ecop.army.smil.mil/ecop/login.aspx
NSA Army Advocate
LTC Karen Goldston
ksgolds@missi.ncsc.mil
CML- 410-854-4671
DSN- 244-4671
HQDA CIO/G-6 NSA Representative
Mr Dave Ward
dave.ward@hqda.army.mil
CML- 703-602-7389
28. Key POCs (Cont’d) ISSP CSLA
Ms Sandra Jones-Hannahs, Chief IAD, NICP
sandra.joneshannahs@us.army.mil
CML- 520-538-6403
Mr Anthony Black, Project Leader, ISSP
Anthony.d.black@us.army.mil
CML- 520-538-6403
CSLA Maintenance
Mr Christopher Ward
Christopher.C.Ward@us.army.mil
CML- 520-538-6924
CERDEC PMO
Mr. Stanley Fong, Chief, Cryptographic Modernization Office
Stanley.fong@us.army.mil
CML- 732 427-4845
Mr. Doug DePerry, HAIPE Lead and Roadshow Engineer
douglas.deperry@us.army.mil
CML- 732-427-1651
29. Helpdesks ISSP CSLA
ISSP Help Desk
csla.issp@us.army.mil
CML: 520-538-1829
DSN: 879-1829
Key Management
ACES/SKL/CT3 Help Desk
acesct3helpdesk@css-inc.biz
Toll Free 866-651-1199
EKMS Help Desk:
877-896-8094; 520-538-9900 (DSN 879-9900)
Located at CSLA, Fort Huachuca, AZ
After duty hours: if there is a COMSEC emergency, these numbers prompt the caller to notify the on-call help desk technician.
SKL
Toll Free (866-651-1199)-- Located at CSS, Georgia,
Assists in troubleshooting failures
Available: Mon-Fri (8:00am - 5:00pm) EST
After Hours - Voice Mail call back
30. Tech Support TACLANE MICRO KG-175D
Vendor - General Dynamics
Help Desk - 800-662-1826
CSLA Item Manager - Art Dungee 520-538-1820
TACLANE KG-175 E-100/ AC Classic
Vendor - General Dynamics
Help Desk - 800-662-1826
CSLA Item Manager - Patrick Damone 520-538-2752
KG- 250/ KG-255
Vendor - ViaSat
Help Desk - 888-842-7281
CSLA Item Manager - Art Dungee 520-538-1820
Talon
Vendor - L-3 Communications
Help Desk - 800-339-6197
CSLA Item Manager - Art Dungee 520-538-1820
31. Tech Support (Cont’d) Sectera Wireline/ GSM
Vendor - General Dynamics
Help Desk - 800-662-1826
CSLA Item Manager - Louis Augustine 520-538-8338
Omni/STE
Vendor - L-3 Communications
Help Desk - 800-339-6197
CSLA Item Manager - Louis Augustine 520-538-8338
vIPer
Vendor - General Dynamics
Help Desk - 800-662-1826
CSLA Item Manager - Louis Augustine 520-538-8338
KIV-7M
Vendor - Mykotronx
Help Desk - 800-548-7383
CSLA Item Manager - Art Chavira 520-538-7477
SecNet 11 and 54
Vendor - Harris
Help Desk - 866-264-8040
CSLA Item Manager - Art Chavira 520-538-7477
32. https://cryptomod.kc.us.army.mil
Army CM website
Contains product information and software downloads
www.iad.nsa.smil.mil
NSA’s CM website (click on “Programs” tab)
Contains information on de-certification and CJCSI/N 6510
https://issp.army.mil
Information Systems Security Program (ISSP) website
Identifies COMSEC equipment needs, procurement and allocation
https://rdit.army.mil/commsc
SKL Web Site Support
Documentation (Tech Manuals, Warranty Bulletin)
Software Updates
Training CD
Info Briefs and Procedures
https://km.kc.us.army.mil
Army Key Management
https://cryptomod.kc.us.army.mil
Army CryptoMod PMO
https://uit.gordon.army.mil
University of Information Technology/LandWarNet University