Overview

Key Management Solutions, LLC (KMS) is a Veteran Owned Small Business (VOSB) that provides Information System Security Engineering (ISSE), Department of Defense (DoD) and Federal Certification & Accreditation (C&A), Research, Development, Test and Evaluation (RDT&E), and Rapid Technology Transition services with an emphasis on supporting the development and transition of NSA Suite B-enabled Commercial Solution for Classified (CSfC), Secure Cloud, Cross Domain Access (CDA) and/or Quantum Computer Resistant Algorithm-enabled Prototype and Instantiation efforts.

The following sections provide a more detailed breakout of some of our key technologies.

Technologies
  • Cybersecurity Hardening
  • Quantum Resistant Cryptography
  • Software Defined Enterprise

Our engineering experts understand the importance and role cybersecurity plays in advanced technologies. We work with customers to ensure effective cybersecurity is baked into the system requirements and also work with customers to implement effective security controls later in the System Development Lifecycle (SDLC).


CSfC

The Commercial Solutions for Classified (CSfC) program within the NSA IAD uses a series of vendor agnostic Capability Packages (CPs) to provide configurations that will allow customers to independently implement secure solutions using layered, NSA Suite B cipher-based Commercial Off the-Shelf (COTS) products.

Since 2007, KMS has and continues to provide a number of CSfC and CSfC-related Integration Services and Technologies (to include KMS-internal R&D Technologies). Information on KMS CSfC-Related technologies is provided below (to include Quantum Computer Resistant Algorithms, One-Way Gates, and Cross Domain Access technologies). Information on KMS CSfC Services can be found here


Software Defined Systems and Networks (Cloud)

Software defined systems, often referred to as virtual systems, cloud systems, or cloud computing, represent the next major evolution in information technology. With the advancement of software defined systems has introduced software defined storage, networks, telephone systems, and much more.

KMS provides advanced engineering services to streamline and incorporate the security hardening of software defined systems and networks. When combined with other technologies such as quantum computer resistant algorithms (QCRA) and secure remote access, KMS delivers reflexive and resilient operational systems with advanced security.


Secure Remote Access

Secure remote access in today’s ever-evolving and complicated infrastructures requires advanced knowledge of mobile devices, capability design standards, complex networks, and interconnections.

KMS provides advanced engineering integration services to deliver best of breed solutions that are elegantly engineering without compromising the requirements for data security and operational efficiency.

Effective secure remote access solutions help to:

Secure Remote Access
  • Minimize Attack Vectors
  • Limit Exposure
  • Achieve Compliance
  • Mobilize

One-Way Transfer

Over the years, and driven by operational needs in support of management / sensor system and/or CSfC 'gray / outer' tunnel management export requirements, KMS has developed a number of working One-Way Transfer (OWT) prototypes, including but not limited to the KMS SplitGate / SplitGuard (Non-Cross Domain Solution, one-way and two-way sensor data transfer), and the KMS Split Virtual Network Management System (CSfC Outer Tunnel Monitor and export capability). KMS is also working with Unified Cross Domain Management Office-approved (UCDMO-approved) product manufacturers, as well as Operation-Based Transfer Capability (OBTC) options to test and optimize OWT solutions for operational sites.

KMS's continued growth in the OWT RDT&E area is fueled by our on-going ISSE and RDT&E support for OWT-enabled systems / capabilities to include Naval / Joint sensor systems, COCOM and Partner Nation Virtual Data Center development efforts, and other Computer Network Defense Service Provider (CND-SP) integration efforts. Our success to date is the result of our deep understanding of OWT technical and policy issues, the overall OWT Approval and Accreditation processes (to include Risk Decision Authority Criterion (RDAC)), as well as our ability to think enough outside the box to either make current gate solutions better / more efficient and/or propose game-changing alternatives.


Cross Domain Access

DoD Instruction 8540.01 dated May 8, 2015 establishes policy, assigns responsibilities, and identifies procedures for the interconnection of Information Systems (ISs) of different security domains using CD Solutions (CDSs) and aligns CD guidance for managing the information security risk and authorizing a CDS with the Risk Management Framework (RMF). As defined in that publication, an Access Cross Domain Solution (or CD-Access) is a type of CDS that provides access to a computing platform, application, or data residing on different security domains from a single device without any transfer between the various domains. An example would be a single, physical workstation that securely (and separately) hosts multiple virtualized machines - all of which are operating at a different classification. Data does not pass between the classifications, but the user of the system can simultaneously view (have access to) the classifications.

Leveraging multiple KMS Services (ISSE, C&A, CSfC and Secure Cloud / virtualization) and KMS Technologies (OWT, IdAM, Secure Remote Access, and CSfC) KMS has, and continues to support a number of Cross Domain Access development and deployment efforts. KMS expects CD-Access / multi-domain deployments to increase - whether it be US / Coalition / Partner Nation and/or US DoD / Civil / Federal Interagency - and we expect to play a continuing role in optimizing current and/or developing new capabilities in this area.


Identity and Access Management (IdAM)

Identify and Access Management (IdAM) includes the management of individual principals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks. Technologies, services and terms related to IdAM include Directory services, Service Providers, Identity Providers, Web Services, Access control, Digital Identities, Password Managers, Single Sign-on, Security Tokens, Security Token Services (STS), Workflows, OpenID, Web Service (WS)-Security, WS-Trust, Security Assertion Markup Language (SAML), and Role Based Access Control (RBAC) - to name a few.

Within today's converged and interconnected networks and systems, visibility into administrative actions is critical.

Identity and Access Management (IdAM)
  • Minimize Attack Vectors
  • Limit Exposure
  • Achieve Compliance
  • Mobilize

Defense, Federal, commercial - enablement of SECURITY FOR MOBILE/remote access DEVICES (both customer-provided and employee Bring Your Own Device (BYOD)).

For additional information on KMS IdAM-related technologies contact us at info@kmssecurity.com