DEFINITION OF SECURITY AGREEMENTS PROVIDING FOR THE INTERAGENCY USE OF REMOTE TERMINALS

Approved For Release 2008/05/21: CIA-RDP89BO1354R000100090009-3 UUIU IUCN I IAL 15 January 1971 MEMORANDUM FOR: Chairman, Computer Security Subcommittee SUBJECT : Definition of Security Agreements Providing for the Interagency Use of Remote Terminals 1. Recent developments within the Central Intelligence Agency have surfaced the problem of defining the security responsibility entailed when one agency connects remote terminals to a central processing unit of another agency giving the former access to the latter's data base. 2. When an interagency remote terminal hook-up is effected, should security controls for the remote terminal be dictated by the agency using the remote terminal or the agency providing the CPU and the data base? If the agency using the terminal dictates the security procedures, does the security officer of this agency certify that the operational procedures of the terminal provide adequate security? If the agency owning the CPU determines the security control required for remote terminal use, does the CPU owner security officer assume responsibility for the security of the remote terminal? Who is responsible for determination of cause when a compromise of classified information results from this interagency hook-up? 3. Attached is a Memorandum of Agreement, which the undersigned feels would resolve the above questions and facilitate the installation of such interagency terminals. I BIOIP 1 Etehbd *w Mrmatk Iffid CONFIDENTIAL. ? dec!assiticatle e 0wificaff" Approved For Release 2008/05/21: CIA-RDP89BO1354R000100090009-3  Approved For Release 2008/05/21: CIA-RDP89BO1354R000100090009-3 wwI11I IM 6111 I unl. 4. The undersigned requests that this issue be brought before the USIB Computer Security Subcommittee for discussion and con- currence. CIA Member Computer Security Subcommittee Att: As Stated CONFIDENTIAL Approved For Release 2008/05/21: CIA-RDP89BO1354R000100090009-3  Approved For Release 2008/05/21: CIA-RDP89B01354R000100090009-3 uu r1JCI1IIAL MEMORANDUM OF AGREEMENT Pertaining to interagency use of remote terminals, we the undersigned, the designated representatives of the below listed Intelligence Community agencies to the USIB Computer Security Subcommittee, agree to abide by the following security control procedures for the interagency use of remote terminals; i.e., when a remote terminal from one USIB member agency is connected to the CPU and classified data base of another USIB member agency: 1. Security controls of remote terminal operation will be specified by the owner of the central processing unit to which the terminal is connected. 2. These security control procedures will be con- veyed in writing to the security officer of the terminal owner agency who will assure these procedures are followed and certify same to the security officer of the central processing unit owner. 3. Any compromise of classified data resulting from this interagency remote terminal connection will be resolved through the joint efforts of the security officers of the agencies involved. CIA Member U. S. Navy Member Department of State Member U. S. Air Force Member DIA Member Federal Bureau of Investigation Member U. S. Army Member Atomic Energy Commission Member OffIDEHTIAI Approved For Release 2008/05/21: CIA-RDP89B01354R000100090009-3 '