- Communications security
Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients. In the United States Department of Defense culture, it is often referred to by the abbreviation COMSEC. The field includes cryptosecurity, transmission security, emission security, traffic-flow security. and physical security of COMSEC equipment.
COMSEC is used to protect both classified and unclassified traffic on military communications networks, including voice, video, and data. It is used for both analog and digital applications, and both wired and wireless links.
Secure voice over internet protocol (SVOIP) has become the defacto standard for securing voice communication, replacing the need for STU-X and STE equipment in much of the U.S. Department of Defense. USCENTCOM moved entirely to SVOIP in 2008.
- Cryptosecurity: The component of communications security that results from the provision of technically sound cryptosystems and their proper use. This includes ensuring message confidentiality and authenticity.
- Emission security (EMSEC): Protection resulting from all measures taken to deny unauthorized persons information of value which might be derived from intercept and analysis of compromising emanations from crypto-equipment, automated information systems (computers), and telecommunications systems.
- Physical security: The component of communications security that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons.
- Traffic-flow security: Measures that conceal the presence and properties of valid messages on a network. It includes the protection resulting from features, inherent in some cryptoequipment, that conceal the presence of valid messages on a communications circuit, normally achieved by causing the circuit to appear busy at all times.
- Transmission security (TRANSEC): The component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis (e.g. frequency hopping and spread spectrum).
Separating classified and unclassified information
The RED/BLACK concept requires electrical and electronic circuits, components, and systems which handle encrypted ciphertext information (BLACK) be separated from those which handle unencrypted classified plaintext information (RED). The red/black concept can operate on the level of circuits, components, equipment, systems, or the physical areas in which they are contained.
- AKMS = the Army Key Management System
- AEK = Algorithmic Encryption Key
- CT3 = Common Tier 3
- CCI = Controlled Cryptographic Item - equipment which contains COMSEC embedded devices
- EKMS = Electronic Key Management System
- NSA = National Security Agency
- ACES = Automated Communications Engineering Software
- DTD = The Data Transfer Device
- DIRNSA = Director of National Security Agency
- TEK = Traffic Encryption Key
- TED = Trunk Encryption Device such as the WALBURN/KG family of CCI
- KEK = Key Encryption Key
- OWK = Over the Wire Key
- OTAR = Over The Air Rekeying
- LCMS = Local COMSEC Management Software
- KYK-13 = Electronic Transfer Device
- KOI-18 = Tape Reader General Purpose
- KYX-15 = Electronic Transfer Device
- KG-30 = TSEC family of COMSEC equipment
- TSEC = Telecommunications Security (sometimes referred to in error transmission security or TRANSEC)
- SOI = Signal Operating Instruction
- SKL = Simple Key Loader
- TPI = Two Person Integrity
- STU-III (secure phone)
- STE - Secure Terminal Equipment (secure phone)
Types of COMSEC equipment:
- Crypto equipment: Any equipment that embodies cryptographic logic or performs one or more cryptographic functions (key generation, encryption, and authentication).
- Crypto-ancillary equipment: Equipment designed specifically to facilitate efficient or reliable operation of crypto-equipment, without performing cryptographic functions itself.
- Crypto-production equipment: Equipment used to produce or load keying material
- Authentication equipment:
DoD key management system
The EKMS is DoD key management, COMSEC material distribution, and logistics support system. The NSA established the EKMS program to supply electronic key to COMSEC devices in securely and timely manner, and to provide COMSEC managers with an automated system capable of ordering, generation, production, distribution, storage, security accounting, and access control.
The Army's platform in the four-tiered EKMS, AKMS, automates frequency management and COMSEC management operations. It eliminates paper keying material, hardcopy SOI, and associated time and resource-intensive courier distribution. It has 4 components:
- LCMS provides automation for the detailed accounting required for every COMSEC account, and electronic key generation and distribution capability.
- ACES is the frequency management portion of AKMS. ACES has been designated by the Military Communications Electronics Board as the joint standard for use by all services in development of frequency management and cryptonet planning.
- CT3 with DTD software is in a fielded, ruggedized hand-held device that handles, views, stores, and loads SOI, Key, and electronic protection data. DTD provides an improved net-control device to automate crypto-net control operations for communications networks employing electronically keyed COMSEC equipment.
- SKL is a hand-held PDA that handles, views, stores, and loads SOI, Key, and electronic protection data.
- Information security
- Information warfare
- NSA encryption systems
- Operations security
- Secure Communication
- Signals Intelligence
- Traffic analysis
- Type 1 product
- This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" (in support of MIL-STD-188).
- National Information Systems Security Glossary
- This article incorporates public domain material from the United States Department of Defense document "Dictionary of Military and Associated Terms".
- Cryptography machines
Wikimedia Foundation. 2010.
См. также в других словарях:
communications security — The component of communications security that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons … Military dictionary
communications security — ryšių saugumas statusas T sritis Gynyba apibrėžtis Saugumas, kuris pasiekiamas naudojant kriptografijos, perdavimo, skleidimo ir fizinės apsaugos priemones, kad vertinga informacija, gaunama ar perduodama visomis ryšių priemonėmis, nepatektų… … NATO terminų aiškinamasis žodynas
Communications Security Establishment Canada — Badge of the Communications Security Establishment Canada Agency overview Formed 1946 Preceding agency Examination Unit, a civilian organization established in … Wikipedia
Communications Security Establishment — Pour les articles homonymes, voir CSE et CST. Le Communications Security Establishment (abrégé en CSE), ou Centre de la sécurité des télécommunications (abrégé en CST), est le service de renseignement du gouvernement canadien chargé du programme… … Wikipédia en Français
Communications Security Establishment Canada — noun Communications Security Establishment Syn: CSEC, Communications Security Establishment, CSE See Also: communications, security, establishment, security establishment, communications security, communications establishment, comminications… … Wiktionary
Communications Security Establishment — noun Canadian foreign signals intelligence and cryptography agency Syn: CSE, Communications Security Establishment Canada, CSEC See Also: communications, security, establishment, security establishment, communications security, communications… … Wiktionary
communications security equipment — Equipment designed to provide security to telecommunications by converting information to a form unintelligible to an unauthorized interceptor and by reconverting such information to its original form for authorized recipients, as well as… … Military dictionary
Communications Security Establishment — noun Canadian agency that gathers communications intelligence and assist law enforcement and security agencies • Syn: ↑CSE • Regions: ↑Canada • Hypernyms: ↑international intelligence agency … Useful english dictionary
communications security material — All documents, devices, equipment, or apparatus, including cryptomaterial, used in establishing or maintaining secure communications … Military dictionary
communications security monitoring — The act of listening to, copying, or recording transmissions of one … Military dictionary