The COMSEC, Accounting, Reporting, and Distribution System (CARDS) is a suite of enterprise COMSEC management tools. They are used to track and manage accountability and automate the business processes associated with all aspects of a COMSEC support organization and its end-users.
CARDS Features
CARDS is a web-based application that provides full life-cycle support for an organization’s COMSEC assets and automates all management-related tasks within an organization. CARDS supports the “business” of COMSEC.
From key managers sitting at the COR to COMSEC custodians and everyone in between, CARDS has functionality for everyone in the COMSEC umbrella. Based on a central database, CARDS lets each user have access to the information they need (and only the information they need) in real time, simplifying and automating the task of running a COMSEC organization. CARDS saves an organization time and money, minimizing potentially costly mistakes.
CARDS tracks millions of COMSEC assets worldwide
The CARDS suite of COMSEC management products encompasses all levels of asset management from the COR to hand receipt holders.
CARDS Functionality
COMSEC Accounting
From receipt of material to issuing SF153s, CARDS handles all types of transactions with modern, easy to use interfaces. Material is tracked real-time in a central database giving users and policy makers a birds-eye view of all of the assets of an organization. As COMSEC material is transferred, received, and destroyed, CARDS uses a high-integrity data model to ensure accuracy and records extensive digitally signed audit trails. Automatic destructions and inventories allows a user to destroy all superseded key or perform mass inventories of multiple accounts at a time, increasing efficiency and speed.
Black Key Distribution
CARDS improves the current cumbersome and insecure black key delivery methods by facilitating worldwide, fully-secure black key delivery. CARDS Black Key distribution imports wrapped key from EKMS and distributes it through the network to CARDS users. It enables secure delivery to anyone, anywhere, including standard LAN/WAN, satellite, IP radio, and dial-up.
Configuration Management
Because COMSEC equipment is getting more complicated with each generation, each make and model has its own set of data requirements. To adapt to such changes, CARDS has the following extensive configuration management tools for all types of CCI equipment:
- Multiple software versions
- Battery installation dates
- Key splits
- Custom field creation
- Search and report on all Configuration Management data
- Software update upload/downloads
- Accessory tracking
- Kits
The CARDS configuration management model allows flexibility and dynamic growth with the changing landscape of crypto programs.
Key Management
Complete key management tools let key managers and controlling authorities manage the full cycle of traditional and modern key using easily manageable graphic interfaces. CARDS provides controlling authorities system-wide control of key effective dates and supercession dates. Controlling Authorities may also set the key distribution requirements for each of its accounts, allowing automatic tracking of key expiration dates and ensuring automatic distribution of required key before expiration of current key to each account.
Barcode Inventory Management
Cut inventory and transaction processing time in half using the CARDS barcode module. The barcode inventory module uses half the time and personnel when compared to using paper to perform transactions. It makes performing inventories easier using barcode scanners to perform inventories and resolve inventory discrepancies. This module can be used at warehouse locations, large accounts or by auditors.
The barcode transaction module makes creating new transactions easier by using barcode scanners for item selection. CARDS also allows a user to create destruction or transfer transactions directly on the barcode reader, eliminating the need to enter transaction information manually before scanning the items. Thus, the module cuts the time used to process transactions, while reducing mistakes.
The CARDS barcode module uses PDF-417 labels read by hand-held Windows CE-based 2D barcode scanners in either store-and-forward or wireless mode to manage your depot inventories.
Procurement
No more do COMSEC procurement personnel have to track ownership of material on paper. CARDS provides a procurement module to track procurement orders, funding sources and programs, and allocation COMSEC material based on previously defined procurement requirements. Personnel may easily view the equipment balances for each program or department, transfer balances as desired, and create depreciation reports. Basically, CARDS easily tracks the who, when, where, and how much aspects of all COMSEC equipment procured.
Distribution
The CARDS distribution module offers a digital format in which to track the creation and shipment of COMSEC packages. It is very flexible in all its processes, allowing user of administrator customization. An administrator may easily setup limitless shipping types, label types, and local element addresses, saving them in one location for easy access and modification. The CARDS distribution module supports multiple wraps with different labels for each wrap. It also provides support for tamper protection programs.
Black key distribution
Worldwide, fully secured black key delivery to anyone, anywhere, any platform
Current Black Key delivery methods are cumbersome, insecure or both. Over the air distribution requires operatores at both ends, has a complicated setup and is prone to transmission errors and restarts. Other methods, such as email or shared online folders, are not secure, do not provide complete audit logs and may not be available everywhere. Delivery via a fill device can involve long delays and potentially hazardous trips.
How does CARDS Black Key Server solve this problem?
Worldwide fully secured black key delivery to anyone, anywhere, any platform.
CARDS Black Key Server (BKS) is a state of the art web application designed to manage and secure distribution of TrKEK wrapped key throughout an organization. BKS will use any network link available to let the end users download key from the CARDS server. This can include traditional LAN/WAN’s, SCIP dialup, IP Radio, Satellite, or GSM/CDMA with a secure phone. The download can be performed by any PC/Mac/Unix client running a standard web browser, Netbook, or UMPC. The key can be downloaded to the local client for later upload into a fill device, or it can be sent directly to the fill device using a serial port on a PC or other client.
In addition to distribution ok key, CARDS BKS will keep track of network key refill schedules, performs automatic emergency supercession, has controlling authority specific interfaces, and prints key order forms.
Black Key Security
CARDS BKS is secured using the latest PKI technology. If your network supports digital certificates, CARDS BKS will use these certificates for authentication, non-repudiation, and will secure the audit records. CARDS BKS will use SSL or TLS as an auxiliary encryption to ensure the black key only gets received by the destination account (Local Element).
Equipment Management
COMSEC Equipment is getting more complicated with each generation. Each make and model has a different set of data requirements, unlike older equipment which was fairly uniform. As COMSEC platforms move to a more software based solution, the ability to upgrade these systems becomes essential, To do this you need to know who has these platforms and where they are, and be able to notify custodians, deliver the upgrade and directions to the custodians, and verify the gear has been updated. In most organizations this information is scattered across dozens or hundreds of different software systems, or spread sheets, creating an unmanageable mess with no way to centrally use the information.
How can we management COMSEC Equipment better?
CARDS (COMSEC Accounting Reporting and Distribution System) takes care of all of your Configuration Management needs now and in the future. Providing the central authority information in seconds like current software versions, IP addresses, key splits, waveforms, etc. The information stored about a specific equipment type (Short Title) is dynamic and definable by the administrator of the CARDS system. Queries can be run against all of the information stored in the configuration management module in seconds. Software can be loaded into the CARDS system for download by the end user. This creates an end to end solution.
Features
Configuration management is just the beginning of the equipment management capabilities in the CARDS system. CARDS also incorporates these other features:
- Procurement Module – The procurement module tracks orders from manufactures, and program allocation information.
- Spare inventory tracking
- Maintenance module – Tracks parts and time used to repair COMSEC assets, processes ROP/DA transactions for CCI board swapping.
- Accessory tracking – Tracks accessories such as antennas, push-to-talk hand sets, batteries, and fill cables.
- Real time value of inventory and depreciation
- Multiple wrap shipping module – Prints out inner and outer wrap lables for packages, keeps track of shipping control numbers and what was placed in each box.
The COMSEC Accounting, Recording, and Distribution System (CARDS) provides full life-cycle support for an organization’s COMSEC assets and automates all management-related tasks within an organization. In short, CARDS supports the “business” of COMSEC. From key managers at the Tier 1 COR to COMSEC custodians, CARDS enables functionality for everyone under the COMSEC umbrella. The current challenge in management of assets in a modern COMSEC Organization force is the use of a combination of software applications and platforms. Distribution of data and functionality across multiple platforms causes data duplication and an increase in error. CARDS wraps COMSEC management functions into a single modern portal system, which eliminates the need for stove-pipe applications. CARDS incorporates the following elements of COMSEC management, among others:
- Security / Access Control
- Ordering
- Physical Distribution / Shipping
- Data Archival
- Accounting
- Key Recovery
Security / Access Control
CARDS enables the authentication, modification, and deletion of privileges for individuals, organizations and system elements. All user connections are forced to authenticate and establish a valid session prior to gaining access to the CARDS Schema. Even if one were to bypass the portal applications and attempt direct connections to procedures and services, no database content can be rendered to the client without a validated session. Once a user has been properly authenticated, the security settings set by an administrator via the user privilege interfaces of CARDS to restrict a user’s system actions, from the accounts the user may manage down to the customized or standard reports the user may generate. Additionally, the system allows an administrator to monitor the actions of each user and to kick a malicious user out of the system as desired.
Ordering
COMSEC accounts may request COMSEC material from the COR / Distribution account using the Material Requests interface, which allows an account to specify its requirements for material and send it to the proper COR / Distribution account for fulfillment. CARDS also provides users Shopping Cart functionality. The CARDS Portal Shopping Cart will allow users to order COMSEC equipment as a material request to a distribution account by specifying their COMSEC equipment requirements and ancillary information. This feature allows a user at a field account to browse through various categories of items, select the desired items, indicate the requesting account, and add them to a cart. The user can view/select equipment from a web-based catalog meeting their requirements. Each item in each category displays the item image, short title name, description, price, and any availability information. Once the user has completed shopping, the user may process the cart, creating a material request for those items and the indicated accounts. The material request is then processed and fulfilled as a work order from the desired distribution account.
CARDS also tracks procurement of equipment from vendors for specific programs or departments. CARDS provides a Procurement module to track procurement orders, funding sources and programs, and the allocation of COMSEC material based on previously defined procurement requirements. At any time, COMSEC personnel may view the procurement information for each piece of equipment – costs, funding source, and the owning program / project. COMSEC Personnel may also view the equipment balances for each program or department, transfer balances as desired, and create depreciation reports.
Physical Distribution / Shipping
CARDS automates the distribution of electronic and physical material in a secure manner. The CARDS package distribution module offers a digital format in which to track the creation and shipment of COMSEC packages and manifests. It is very flexible in all its processes, allowing user or administrator customization. An administrator may easily setup limitless shipping types, label types, and local element addresses, saving them in one location for easy access and modification. The CARDS distribution module supports multiple wraps with different labels for each wrap. It also provides support for tamper protection programs.
Data Archival
Mitigate the loss and duplication of documentation by storing documents digitally in one central location using CARDS Portal document management module. The document management module is used to store everything from wet signatures on reports to equipment manuals on the CARDS Server, allowing easy access from a central location. Easy associations of documents to an account or local element, short title, specific register item, work order, and transactions makes searching and access a snap.
Accounting
With the use of explorer trees, COMSEC material search and management interfaces, CARDS tracks and displays the location and status of cryptographic products in real-time on one central database. From the time COMSEC material is received into the system to the time it is destroyed, CARDS records each COMSEC action and transaction performed on each item during its life cycle for retrieval by each user of the CARDS system.
Key Distribution / Recovery
CARDS incorporate multiple methods of key scheduling, distribution, and recovery. To enable key distribution, controlling authorities may set the key distribution requirements for each of its accounts, allowing automatic tracking of key expiration dates and ensuring automatic distribution of required key before expiration of current key to each account. CARDS Black Key distribution imports wrapped key from EKMS via floppy or wire and distributes it securely via network resources through the network to CARDS users. Each key download is SSL/TLS secured and authenticated using PKI certificates
Training
CARDS Portal User Training:
CARDS Portal User Training is a course in the basic use of CARDS Portal. The class introduces users to the main interfaces of CARDS facilitating the accounting, tracking, and distribution of COMSEC material.
CARDS Development Training:
CARDS Developer Training introduces participants to CARDS Portal third-party development. Third-party developers will learn how to customize the appearance and the features of CARDS Portal for the mission of their respective organizations.
CARDS Portal Admin Training:
CARDS Portal Admin Training teaches CARDS Portal administrators how to manage the access control, server administration, backup and recovery, and software patching.
CARDS Portal Computer Based Training:
Every CARDS install includes multiple computer-based step-by-step tutorials that demonstrate how to use common CARDS Portal interfaces to perform daily COMSEC actions.