COMMUNITY-WIDE, COMPUTER-ASSISTED COMPARTMENTATION CONTROL SYSTEM (4CS)
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP80M01066A001100070003-2
Release Decision:
RIPPUB
Original Classification:
K
Document Page Count:
15
Document Creation Date:
December 16, 2016
Document Release Date:
October 6, 2004
Sequence Number:
3
Case Number:
Publication Date:
September 17, 1975
Content Type:
MF
File:
Attachment | Size |
---|---|
![]() | 447.58 KB |
Body:
Approved E,gr Release 2004/10/28 : CIA-RDP80MO1 66AO01100070003-2
UNITED STATES INTELLIGENCE BOARD
SECURITY COMMITTEE
SECOM-D-112
17 September 1975
MEMORANDUM FOR:
Chairman, United States Intelligence Board
SUBJECT .
Community-Wide, Computer-Assisted
Compartmentation Control System (4C~s)
REFERENCE .
(A)
(B)
USIB-M-669, 30 May 1974, Item 5
USIB-D-9. 5/16, 30 October 1974
1. Attached is the report of the Security Committee's
working group on the follow-on study which the Board agreed to
support after the Security Committee recommended rejection of
the CLAIRE. coxicept...
2. Toward a goal of inducing economy and efficiency
in the community's management of compartmented clearances,
the representatives of CIA, DIA, Army, Navy, Air Force, State,
ERDA and NSA developed and costed a design to meet their
requirements in this area. The configuration of this system calls
for a central facility in the form of a secure dedicated minicomputer
in one agency connected to remote terminals in other agencies.
3. The design permits registration of approximately
300, 0.00 indiyi.duals,. each of whore .can be credited with 1, 000.
clearances. The design is open-ended and more storage capacity
can be added. The design provides for expansion capabilities
but is limited initially to use in the Washington area. The design
also provides for a suppression capability to limit access to
certain personnel and/or clearances to the inputting department
if this feature is desired.
4. The central facility would cost approximately $431, 707
and require monthly personnel costs of $13, 333 and maintenance
costs of $2, 267. Departments and agencies perceive the need for
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
25X1 Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved r Release 2004/10/28 : CIA-RDP80MQJ 066AO01100070003-2
(d) That the departments and agencies fund the costs
of selection, purchase and installation of terminals configured
to meet their perceived needs.
Attachment
4Cs Report
a E.
Director, oint Cter Services
NOTED:
18 SEP 1975
Samuel V. Wilson
Lieutenant General;' tJSA
D/DCI/IC
Date
25X1
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved Mgr Release 2004/10/28 : CIA-RDP80M0TjQ66A001100070003-2
Requirements for a
Community - Wide, Computer -Assisted
Compartmentation Control System
(July 1975)
Security Committee Task XI-I
Attachment:
Supporting Facts and Observations
Approved For Release 2004/10/28 : CIA-RDP80M0l066A001100070003-2
Approved Fes- Release 2004/10/28 : CIA-RDP80M019,66A001100070003-2
Report of the Working Group of the USIB Security Committee
on Requirements for a Community -Wide, Computer -Assisted
Compartmentation Control System
1. Introduction
This report was prepared by a Working Group of the Security
Committee of USIB with representation from CIA, Chairman, DIA,
Army, Navy, Air Force, NSA, State and ERDA. The FBI and
Treasury declined participation although they expressed interest
in the study.
The report satisfies requirement of a task by the Security
Committee in November 1974 to conduct a study of the intelligence
community's requirements and devise a concept for a viable cost-
effective procedure to assist in control of compartmented accesses.
The Working Group first assembled requirements of the
community members and then submitted a statement of needs to
system design personnel in CIA and DIA for independent feasibility
and cost studies. The Working Group examined DIA and CIA
proposals and selected a DLA design which the Working Group calls
the "Community-Wide, Computer -Assisted Compartmentation Control
System" (4C).
2. Discussion
A....,The Iecomm.e,nde.d:4C.:syste.mmconsists..o.f.a,d.edica.ted..
mini-computer containing a central data base of intelligence community
access approvals. The proposed system would be developed in two
phases: the first phase provides on-line remote update and retrieval
capabilities within Washington area headquarters offices only; the
second phase permits an on-line expansion throughout the United
States. . Once implemented, the system,would allow. participating
activities direct access to sensitive compartmented information (SCI)
access approvals for most intelligence community personnel in a
timely and efficient manner.
Approved For Release 2004/10/28 : CIA-RDP80M0l066A001100070003-2
Approved For Release 2004/10/28 : CIA-RDP80M0l066A001100070003-2
(1) Benefits from the recommended 4C system as opposed
to maintaining existing separate systems within the intelligence
community include:
a) Improvement of overall efficiency through
uniformity of approach for security handling within
the intelligence community.
b) Cost advantages result which are unattainable
using existing individual system to achieve the 4C objectives.
c) Significant reductions in the volume of clearance
certification message traffic inter- and intra-participating
organizations.
d) Continuous rather than limited incumbent and
billet access verification by Special Security Officer (SSO)
facilities.
e) Elimination of need for perry anent certifications
among participating services and agencies.
f) Significant time savings for outlying Special
Security Officer sites supporting major headquarters and
subordinate elements having high volume in personnel and
billet access requirements,
g) Elimination of need to contact multiple sources
for individual billet access. approvals.
(2) Specifically, . the .recommended system:
a) Meets the basic objectives as set forth by the
Chairman, Security Committee, which are:
1_ Permit rapid verification 'of current (and
future) SCI access approvals of individuals by any
intelligence community organization participating
in the system;
Approved For Release 2004/10/28 : CIA-RDP80M0l066A001100070003-2
Approved Mgr Release 2004/10/28 : CIA-RDP80M01Q.66A001100070003-2
2 Provide access control and accounting
mechanism for intelligence "bigot" lists and
"bigoted" programs/projects;
3 Eliminate individual SCI access control
systems within participating organizations.
b) In pursuance of the above objectives, the recommended
4C system provides the following capabilities:
1 Offers participants an on-line query
capability using cathode-ray tube terminals (CRT)
and remote batch terminals (R B T) .
2 Meets the common requirements of all
member organizations for control and management
of SCI access, and the DoD SCI billet structure.
3 Provides a'"suppression" capability tha
will conceal, at the option of the inputting organi;ati.on,
the access authorizations and/or the existence of an
individual's record from other participants.
4 Of' ers features for controlling the access
of contractors, foreign personnel and others fofr
whom "need to know" or release. authority must be
established prior to each access certification.
5. Can be expanded throughout the United
States and eventually overseas, if desired. (See
Attachment, paragraph 1)
6 Provides an on-line and batch update
capability from remote locations and-a complete
audit trail to permit trace of all record changes
to initiating organization.
7 Offers a record of access queries to the
system.
Approved For Release 2004/10/28 : CIA-RDP80M0l066A001100070003-2
25X1 Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Next 2 Page(s) In Document Exempt
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved. orRelease 2004/10/28 : CIA-RDP80MQ1066AO01100070003-2
ATTACHMENT
SUPPORTING FACTS AND OBSERVATIONS
OF THE WORKING GROUP
These costs are not system sensitive within the Washington area
and may not be so within CONUS. However, at the point of overseas
expansion of the system they will certainly become so. At that time
the feasibility of linking overseas terminals through then existing
switching systems should be addressed.
2. Analysis of Relative Merits of Large Scale .and Mini-Computer
in the Implementation. of the 4C System
A. Large Scale Computer:
(1) Advantages
a) A -one-third part of a large scale computer is
tentatively available at CIA Headquarters for the
application. Cost would be approximately $3, 000/month
for rental of peripheral devices. ($36, 000/year or
$288, 000 for 8 years. )
b) CIA software (GIM) and software knowledge
and expertise would expedite system development by
an estimated ten months.
(2) Disadvantages
a) Available._(GIM) software cannot provide both
a "suppression" capability and a capability at remote
terminals for programming of output products.
b) "Spillage" of file data possible due to mixing
'of '4C System with other non-related applications
possessing their own sets of terminals.
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
1. Dedicated Communications Line Costs
Approved Fir Release 2004/10/28: CIA-RDP80MO106AO01100070003-2
c) Backup capability is unknown. It would
require commitment of additional CIA hardware or
at least assignment of a precedence to 4C sufficient
to permit it to displace other applications on other
hardware. (This requirement represents some as
yet undefined commitment of additional resources. )
d) Expansion potential is uncertain. Other
systems sharing the computer. will. compete for
available capacity as each system expands. Once
the large scale computer is saturated, there is no
capability for adding small increments of capacity.
B. Mini-Computer
(1) Advantages
,..a.) ..Security maxilnized.by not xnixing,file with
other applications having separate terminals.
b) Backup capability achicved through use of
two min.i.-computers, a dual processor. Both. contribute
to normal. operations; however, if one fails the system
response is degraded, but it doc s not cease to function.
Under normal conditions one.mini-computer (processor.)
would support on-line query operations, and the other
would support batch operations.
c.) Capacity of systern ..can be readily, expanded..,
when operations dictate this step by purchase and
installation of an additional mini-computer and disks.,
d) The administrative problems of competing
priorities with non-related systems sharing the large
scale. computer are avoided..
e) A "suppression" capability is possible
without the sacrifice of any terminal programming
capability.
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved. or Release 2004/10/28 : CIA-RDP80MO1066A001100070003-2
(2) Disadvantages
a) Greater initial outlay of funds required.
The $226, 707 required for the mini-computer hardware
at the central site would exceed the rental charges
associated with the CIA large-scale computer until
approximately five years of operations.
b) Software preparation will take more time
due to the lack of an off-the-shelf or a government-
owned existing system that will completely fulfill
system requirement. If the "suppression" capability
remains a firm requirement, the time disadvantage
of the mini-computer disappears as does software
cost disadvantage (up to $200,000 for mini, something
less for large scale).
C. Conclusion.
(1) Time required to procure any additional peripheral
equipment needed for the central syst m, encryption devices,
and terminal equipment for remote siLcs would presumably be
the same as for procurement of the mini-computer hardware;
i. e. , time for full implementation would not be appreciably
shorter than for the mini-computer alternative.
(2) The mini.-computer alternative for implementation
of the 4C concept would produce a superior system, for about
the same amount of money and?time than the large-scale
computer.alternative would. require. r?;.
3. Reasons for System Encryption
Classification of the system at a level of CONFIDENTIAL is
in accord with current community usage for extensive collections of
security access data. .
A. Encryption will prevent undetected, unauthorized
introduction via line taps of spurious responses to terminal queries
and will prevent modii.cation of the data base via similar means.
Approved For Release 2004/10/28 : CIA-RDP80M0l066A001100070003-2
25X1 Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
Approved F Release 2004/10/28: CIA-RDP80M0106AO01100070003-2
of access certification message traffic, reduction in the number of
times which identical information is input to different data bases,
decreases in time lost due to visitors awaiting access verification,
and savings in security processing.
- 5 -
Approved For Release 2004/10/28: CIA-RDP80M01066AO01100070003-2
Approved Fj Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
I 16Sep75
0- C/USIB
1 - DDCI
1 -ER
I.- D/OJCS
1 - USIB/S
1 -ICReg
Approved For Release 2004/10/28 : CIA-RDP80M01066AO01100070003-2
ytNULR WILL CHECK ASSIFICATION TOP AND B
1 I'V(:I.Atio(AY @~1'~
~l~l
T
.
-
AC
Sf. F.
OFFICIAL ROUTING SL Executive Registry
TO
NAME AND ADDRESS
DATE
INITIALS
D/DCI/IC
/g- 2
2
D Cf I
~^