ENUMERATION OF INDIVIDUAL AGENCY COMPUTER SECURITY PROBLEM AREAS
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP89B01354R000100120008-0
Release Decision:
RIFPUB
Original Classification:
U
Document Page Count:
2
Document Creation Date:
December 21, 2016
Document Release Date:
May 30, 2008
Sequence Number:
8
Case Number:
Publication Date:
July 16, 1968
Content Type:
MEMO
File:
Attachment | Size |
---|---|
![]() | 56.43 KB |
Body:
Approved For Release 2008/05/30: CIA-RDP89BO1354R000100120008-0
HA UFf 1UTAL USE ONI
DEPARTMENT OF THE ARMY
OFFICE OF THE ASSISTANT CHIEF OF STAFF FOR INTELLIGENCE
WASHINGTON, D.C. 20310
16 July 1968
MEMORANDUM FOR: CHAIRMAN, COMPUTER SECURITY WORKING GROUP, USIB SECURITY
COMMITTEE
SUBJECT: Enumeration of Individual Agency Computer Security Problem Areas
1. The enumeration of Department of the Army's computer security problem
areas can only be addressed in general terms. An exhaustive list of
actual problems would be redundant and meaningless without going into
excessive detail which is not appropriate at this stage of defining the
problem.
2. Varying degrees of security problems are encountered in:
a. Sanitization of storage media.
(1) Disc
(2) Drum
(3) Core
(4) Magnetic tape
(5) Magnetic cards
b. Remote access devices.
c. Files integrity.
d. Co-location of Intelligence Data Handling Systems handling SI
material with Command and Control Systems not indoctrinated for SI.
3. With the introduction of multi-user, time shared computers, the following
additional problems are anticipated:
a. Remote access devices, unclassified vs classified.
ntom'r,r%t
Approved For Release 2008/05/30: CIA-RDP89BO1354R000100120008-0
Approved For Release 2008/05/30: CIA-RDP89BO1354R000100120008-0
hhy,yn$ / 9 1Lyys, ,* 1
ACSI-DSRSID
SUBJECT: Enumeration of Individual Agency Computer Security Problem Areas
b. Files integrity, multi-user.
c. Program integrity.
d. Need-to-know access only.
e. Unauthorized disclosure (spillage).
f. Deliberate attempts to penetrate unauthorized files and programs.
g. Security of communications.
h. Personnel security (larger numbers, less supervision).
4. Paragraphs 2. and 3., do not address the security problems associated
with classifying, storing, accounting, downgrading and destruction of docu-
ments, reports, and other outputs of computer systems. While these are
continuing problems, current Army Regulations appear to be adequate.
RICHARD H. KOENIG
LTC, GS
Temporary Member, IBSEC-CSWG
Approved For Release 2008/05/30: CIA-RDP89BO1354R000100120008-0