Army Knowledge Online

Last updated
Army Knowledge Online logo Army Knowledge Online (AKO) logo.png
Army Knowledge Online logo

Army Knowledge Online (AKO) was a web application that provided enterprise information services to the United States Army, joint, and Department of Defense customers.

Contents

AKO was sunset in 2021. [1] The remaining following information is historical in nature.

Enterprise services were provided to those customers on both classified and unclassified networks, and included portal, e-mail, directory, discovery, and single sign-on functionality. [2] All members of the Active Duty, National Guard, Reserves, Army civilian, and select contractor workforce had an account which granted access to Army web assets, tools and services worldwide. All users could build pages, create file storage areas, and create and participate in discussion on the portal. AKO provided the Army with a single entry point for access to the Internet and the sharing of knowledge and information, making AKO the Army's only enterprise collaboration tool operating throughout the Department of the Army (DA) worldwide. AKO was deemed "the world's largest intranet in the early 2000's." [3] One of every two deployed soldiers accessed the portal daily for mission and personal purposes, and in 2008 AKO recorded its one-billionth login. [4] AKO had been expanded to the broader DoD community through Defense Knowledge Online, essentially just a rebranding.

AKO was an integrated suite of a number of commercial-off-the-shelf products, including the Appian Business Process Management (BPM) Suite technology. Appian provides the foundation for all information dissemination, knowledge sharing, process management and collaboration across AKO. Users can build custom access control lists for each piece of content they own to determine the audience allowed to see or use their content. AKO had approximately 2.3 million registered users, supporting over 350K users logging in up to a million times a day as well as receiving and delivering on average 12 million emails daily. [5]

History and development

AKO was established in the late 1990s as an experimental outgrowth of a project of the General Office Management Office. This early project led to A2OL (America's Army Online), but legal concerns over this name and the parallelism to other commercial vendors caused the Army Project team to seek a new name. Early Project Officers for AKO were charged to develop, research and expand the portal to benefit Army Users Worldwide and to grow the system from its less than auspicious roots. The project has run through various incarnations and later project leaders, but still the fundamentals of this system apply: centralized name spacing of email (with webmail access), white pages, unification of data conduits, central capability of authentication and repudiation of credentials and the ability to remotely access content. [6]

At the time of creation, the Army did not have a centralized portal construct. Army intranet presences on networks were not highly developed, or were more limited in capability and scope. AKO attempted to become a central portal for communication among Army (military and civilian) Service members and contractors. Efforts like "email for life" piloted by AKO was an early precursor to "Soldier for Life" initiatives in the Army. Other initiatives, such as PKI, were also piloted by AKO, prior to widespread adoption by the Army. Over time, AKO incorporated many centralized functions to improve utility as an intranet portal and central services hub.

Users

By 01 October 2000, under direction from General Shinseki, Chief of Staff, Army (CSA) all Active Duty, Army National Guard and Army Reserve soldiers were required to register for an account on AKO. There are two different types of accounts on Army Knowledge Online, a full account and a guest account. Authorized full accounts did not require any sponsorship to register, and included the following:

Unlike a full account, guest accounts require an Army sponsor with an authorized full account. Guest accounts include the following:

Features and functionality

A primary function of Army Knowledge Online was its web-based e-mail and collaboration capabilities. The process capabilities of AKO's underlying technology had been rolled out to AKO organizations for the development and delivery of Business Process Management applications. One example of an AKO BPM application is "Wounded Warrior," a case management software for the diagnosis and rehabilitation of soldiers wounded in the field. [7]

AKO's Training function allows soldiers and DA (Department of Army) civilians to access Army online education such as Army e-learning Program, Army Learning Management System, [8] Army Correspondence Course Program, Army transcript, US Army Reserve Virtual University, etc. These learning programs allow soldiers and DA civilians opportunities to enrich their educations, such as business courses which are free of charge. These courses can help soldiers with promotion points, and also later be transferred into college credits.

AKO's Finance function allows soldiers to access their financial records, including Leave and Earning Statement, housing allowances, Food allowances, etc. AKO's Medical function has soldiers medical records, including DNA, past physical exam, and status of deployment readiness. There are many other functions as well, including as legal, travel, benefits, family, forms, readiness, and references.

Access and security

Registering for an AKO account was mandatory upon enlistment in the Army. AKO access followed DoD security policy, and was accomplished by password or by a combination of a Common Access Card (CAC) and PIN. The requirements for an AKO password were stringent; a password must contain at least two uppercase letters, two lowercase letters, two numbers, and two special characters. Passwords expired every 150 days, and could not be replaced by any password used the previous ten times. As of 08 April 2015, AKO could no longer be accessed without the use of a military CAC card or a DoD-approved PIV.

Criticism

The AKO system received some substantial criticism with regards to its speed, various areas of functionality, complex security requirements, effectiveness, and compatibility with web browsers, particularly from its daily users. Program leadership maintained that system cumbersomeness was a necessary result of securing all its information, and with increasing cyber threats. Certain required functionality, however, is available only within the AKO system. [5] As time progressed, other capabilities, such as Cloud or SharePoint for organizations, commercial email/applications like Gmail or O365 for individuals, were used as appropriate to fill specific organizational or individual needs.

Related Research Articles

<span class="mw-page-title-main">Password</span> Text used for user authentication to prove identity

A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of password-protected services that a typical individual accesses can make memorization of unique passwords for each service impractical. Using the terminology of the NIST Digital Identity Guidelines, the secret is held by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol, the verifier is able to infer the claimant's identity.

<span class="mw-page-title-main">Intranet</span> Network of private resources in an organization

An intranet is a computer network for sharing information, easier communication, collaboration tools, operational systems, and other computing services within an organization, usually to the exclusion of access by outsiders. The term is used in contrast to public networks, such as the Internet, but uses the same technology based on the Internet protocol suite.

A web portal is a specially designed website that brings information from diverse sources, like emails, online forums and search engines, together in a uniform way. Usually, each information source gets its dedicated area on the page for displaying information ; often, the user can configure which ones to display. Variants of portals include mashups and intranet dashboards for executives and managers. The extent to which content is displayed in a "uniform way" may depend on the intended user and the intended purpose, as well as the diversity of the content. Very often design emphasis is on a certain "metaphor" for configuring and customizing the presentation of the content and the chosen implementation framework or code libraries. In addition, the role of the user in an organization may determine which content can be added to the portal or deleted from the portal configuration.

A management information system (MIS) is an information system used for decision-making, and for the coordination, control, analysis, and visualization of information in an organization. The study of the management information systems involves people, processes and technology in an organizational context. In other words, it serves, as the functions of controlling, planning, decision making in the management level setting.

In business, an intranet strategy is the use of an intranet and associated hardware and software to obtain one or more organizational objectives. An intranet is an access-restricted network used internally in an organization. An intranet uses the same concepts and technologies as the World Wide Web and Internet. This includes web browsers and servers running on the internet protocol suite and using Internet protocols such as FTP, TCP/IP, HTML, and Simple Mail Transfer Protocol (SMTP).

<span class="mw-page-title-main">Single sign-on</span> Authentication scheme

Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single SSO ID to any of several related, yet independent, software systems.

Identity and access management or Identity management (IdM), is a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources. IAM systems fall under the overarching umbrellas of IT security and data management. Identity and access management systems not only identify, authenticate, and control access for individuals who will be utilizing IT resources but also the hardware and applications employees need to access.

Business software is any software or set of computer programs used by business users to perform various business functions. These business applications are used to increase productivity, measure productivity, and perform other business functions accurately.

Enterprise content management (ECM) extends the concept of content management by adding a timeline for each content item and, possibly, enforcing processes for its creation, approval, and distribution. Systems using ECM generally provide a secure repository for managed items, analog or digital. They also include one methods for importing content to manage new items, and several presentation methods to make items available for use. Although ECM content may be protected by digital rights management (DRM), it is not required. ECM is distinguished from general content management by its cognizance of the processes and procedures of the enterprise for which it is created.

Self-service password reset (SSPR) is defined as any process or technology that allows users who have either forgotten their password or triggered an intruder lockout to authenticate with an alternate factor, and repair their own problem, without calling the help desk. It is a common feature in identity management software and often bundled in the same software package as a password synchronization capability.

<span class="mw-page-title-main">Common Access Card</span> Standard identification for Active Duty United States Defense personnel

The common access card, also commonly referred to as the CAC, is the standard identification for active duty United States defense personnel. The card itself is a smart card about the size of a credit card. Defense personnel that use the CAC include the Selected Reserve and National Guard, United States Department of Defense (DoD) civilian employees, United States Coast Guard (USCG) civilian employees and eligible DoD and USCG contractor personnel. It is also the principal card used to enable physical access to buildings and controlled spaces, and it provides access to defense computer networks and systems. It also serves as an identification card under the Geneva Conventions. In combination with a personal identification number, a CAC satisfies the requirement for two-factor authentication: something the user knows combined with something the user has. The CAC also satisfies the requirements for digital signature and data encryption technologies: authentication, integrity and non-repudiation.

Glow is the Scottish Schools National Intranet. It is a major national ICT and telecommunications programme managed by Education Scotland. The project is funded by the Scottish Government and is a collaboration between local authorities, Education Scotland and RM Education. The online portal is powered by RM Unify, a service which provides account management and the Launchpad, an interface which allows users to access applications provided by the Scottish Government, local authorities, and individual schools.

An enterprise portal, also known as an enterprise information portal (EIP), is a framework for integrating information, people and processes across organizational boundaries in a manner similar to the more general web portals. Enterprise portals provide a secure unified access point, often in the form of a web-based user interface, and are designed to aggregate and personalize information through application-specific portlets.

Cyn.in is an open-source enterprise collaborative software built on top of Plone a content management system written in the Python programming language which is a layer above Zope. Cyn.in is developed by Cynapse a company founded by Apurva Roy Choudhury and Dhiraj Gupta which is based in India. Cyn.in enables its users to store, retrieve and organize files and rich content in a collaborative, multiuser environment.

Password fatigue is the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, such as to log in to a computer at work, undo a bicycle lock or conduct banking from an automated teller machine. The concept is also known as password chaos, or more broadly as identity chaos.

ILIAS is an open-source web-based learning management system (LMS). It supports learning content management and tools for collaboration, communication, evaluation and assessment. The software is published under the GNU General Public License and can be run on any server that supports PHP and MySQL.

<span class="mw-page-title-main">SharePoint</span> Web application platform

SharePoint is a collection of enterprise content management and knowledge management tools developed by Microsoft. Launched in 2001, it was initially bundled with Windows Server as Windows SharePoint Server, then renamed to Microsoft Office SharePoint Server, and then finally renamed to SharePoint. It is provided as part of Microsoft 365, but can also be configured to run as on-premises software.

Secure messaging is a server-based approach to protect sensitive data when sent beyond the corporate borders, and it provides compliance with industry regulations such as HIPAA, GLBA and SOX. Advantages over classical secure e-mail are that confidential and authenticated exchanges can be started immediately by any internet user worldwide since there is no requirement to install any software nor to obtain or to distribute cryptographic keys beforehand. Secure messages provide non-repudiation as the recipients are personally identified and transactions are logged by the secure email platform.

An intranet portal is the gateway that unifies access to enterprise information and applications on an intranet. It is a tool that helps a company manage its data, applications, and information more easily through personalized views. Some portal solutions are able to integrate legacy applications, objects from other portals, and handle thousands of user requests. In a corporate enterprise environment, it is also known as an enterprise portal.

milSuite, launched in October 2009 by the U.S. Army PEO EIS milTech Solution office, is a collection of online applications designed to enhance secure collaboration for the United States Department of Defense. With a served user base of 2.21 million, milSuite is one of the largest networks for personal information sharing across the joint-domain. milSuite comprises ten applications, with its five primary applications being milBook, milWiki, milTube, milUniversity and milSurvey.

References

[9]

  1. "PEO EIS's Enterprise Services Wraps Up Army Knowledge Online Legacy". DVIDS. Retrieved 2023-12-21.
  2. Business Transformation Agency, "Congressional Report on Defense Business Operations, March 2010"
  3. WIRED, "Army Intranet: World's Largest," 11.15.01
  4. NextGov, "Army Intranet Tops 1 Billion Log-ins," 10.24.08
  5. 1 2 Gould, Joe (2010-11-28). "GIs, officials disagree on effectiveness of AKO". Army Times. Retrieved 2011-06-27.
  6. Ft. Lee's AKO document Archived June 24, 2007, at the Wayback Machine
  7. Informationweek, "BPM To Streamline Soldier Rehabilitation," 6.9.10
  8. "Army Learning Management System".
  9. Christ, Erika. "Enterprise Services Wraps Up Army Knowledge Online Legacy". US Army. US Army. Retrieved 29 August 2023.

AKO Homepage on the Internet Archive

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.