Communications security

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients. In the United States Department of Defense culture, it is often referred to by the abbreviation COMSEC. The field includes cryptosecurity, transmission security, and physical security of COMSEC equipment.

COMSEC is used to protect both classified and unclassified traffic on military communications networks, including voice, video, and data. It is used for both analog and digital applications, and both wired and wireless links.

Voice over secure internet protocol VOSIP has become the de facto standard for securing voice communication, replacing the need for Secure Terminal Equipment (STE) in much of the U.S. Department of Defense. USCENTCOM moved entirely to VOSIP in 2008.[1]

Specialties[edit]

  • Cryptosecurity: The component of communications security that results from the provision of technically sound cryptosystems and their proper use. This includes ensuring message confidentiality and authenticity.
  • Emission Security (EMSEC): The protection resulting from all measures taken to deny unauthorized personnel information of value that might be derived from communications systems and cryptographic equipment intercepts and the interception and analysis of compromising emanations from cryptographic-equipment, information systems, and telecommunications systems.[2]
  • Transmission Security (TRANSEC): The component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis (e.g. frequency hopping and spread spectrum).
  • Physical security: The component of communications security that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons.

Related terms[edit]

Types of COMSEC equipment:

  • Crypto equipment: Any equipment that embodies cryptographic logic or performs one or more cryptographic functions (key generation, encryption, and authentication).
  • Crypto-ancillary equipment: Equipment designed specifically to facilitate efficient or reliable operation of crypto-equipment, without performing cryptographic functions itself.[3]
  • Crypto-production equipment: Equipment used to produce or load keying material
  • Authentication equipment:

DoD key management system[edit]

The EKMS is DoD key management, COMSEC material distribution, and logistics support system. The NSA established the EKMS program to supply electronic key to COMSEC devices in securely and timely manner, and to provide COMSEC managers with an automated system capable of ordering, generation, production, distribution, storage, security accounting, and access control.

The Army's platform in the four-tiered EKMS, AKMS, automates frequency management and COMSEC management operations. It eliminates paper keying material, hardcopy SOI, and associated time and resource-intensive courier distribution. It has 4 components:

  • LCMS provides automation for the detailed accounting required for every COMSEC account, and electronic key generation and distribution capability.
  • ACES is the frequency management portion of AKMS. ACES has been designated by the Military Communications Electronics Board as the joint standard for use by all services in development of frequency management and cryptonet planning.
  • CT3 with DTD software is in a fielded, ruggedized hand-held device that handles, views, stores, and loads SOI, Key, and electronic protection data. DTD provides an improved net-control device to automate crypto-net control operations for communications networks employing electronically keyed COMSEC equipment.
  • SKL is a hand-held PDA that handles, views, stores, and loads SOI, Key, and electronic protection data.

See also[edit]

References[edit]

  1. ^ USCENTCOM PL 117-02-1.
  2. ^ http://cryptome.org/dodi/2013/afssi-7700.pdf
  3. ^ INFOSEC-99

External links[edit]