COMPUTER SECURITY WORKING GROUP OF THE UNITED STATES INTELLIGENCE BOARD SECURITY COMMITTEE

, Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 -bLx?1kd IBSEC-CSWG-M-2 2 July 1968 COMPUTER SECURITY WORKING GROUP OF THE UNITED STATES INTELLIGENCE BOARD SECURITY COMMITTEE Minutes of Meeting Held at CIA Headquarters, Langley, Va. , 2 July 1968 1. The second meeting of the Computer Security Working Group of the USIB Security Committee was held on 2 July 1968 between 1330 and 1550 hours in Room 4E-64, CIA Headquarters building. In attendance were: Mr. Richard Kitterman, State Mr. Thomas Eccleston, Army Lt. Col. Richard H. Koenig, Army Mr. Robert C. Allen, Navy Lt. Col. Hays Bricka, Air Force Mr. Raymond J. Brady, AEC The security level of the meeting was announced as through Top Secret non- codeword. 2. The minutes of the 18 June meeting were approved without comment. Members requested, however, that in the future they be pro- vided with two copies of the minutes. STAT STAT STAT 3. Identification of CSWG Members: In order to provide better handling of the visitor control procedures for members at future meetings as well as to insure the clearance level of those attending the meetings, the Chairman requested that each participating agency formally nominate a Primary and Alternate to the CSWG. He noted that this nomination should be accomplished through each agency's Security Committee member and that in making the nominations, consideration should be given to the clearance requirements of future Working Group participation. The Chairman also emphasized the need for continuity in Working Group representation. IGROUP 1 Excluded tram automatic downgrading and Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 S-E-C-R-E-T IBSEC-CSWG-M-2 2 July 1968 4. The DIA representative indicated that his organization would like to have technical participation in the Working Group as well as professional security representation. The Chairman reiterated his previous understanding that technical participation would not only be welcome but was necessary in facing the problems involved in the Working Group effort. He pointed out, however, that technical repre- sentatives would serve in a consultant capacity. Formal designation of Primary and Alternate Members was requested by the next meeting. 5. IHC Briefing by The Chairman indicated that he had contacted the staff of the Intelligence Information Handling Committee (IHC) concerning possible attendance by Working Grou members at the scheduled 15 July briefing of the IHC by of the Dn the subject of computer security. The Chairman had learned that space was limited and that those Working Group members interested in attending the briefing should contact their individual agency IHC representation. Each member was furnished the identity of his IHC representatives. 6. Role of the CSWG: The Chairman opened the discussion of the proposed roles to be served by the Working Group by restating functions proposed by him at the first meeting, viz, providing guidance to the Security Committee towards the identification and solution of security problems in the ADP environment, pursuing an effort towards the standardization of security policy in the community as it relates to the automatic handling of information processing, and acting as a focal point for the collection, exchange, and dissemination of information on security problems in the ADP environment. The Chairman asked whether members could offer additional suggestions towards defining the Working Group's role. The Air Force member stated that he believed this role should be "to recommend to the Security Committee those policies, methods, and procedures necessary to provide adequate security protection for all ADP operations performed by USIB member organiza- tions and to serve to advise the Security Committee, the IHC, and USIB members concerning new problem areas which may arise and for which advice is sought. " 2 S-E-C-R-E-T STAT STAT STAT Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 I Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 \u" S-E -C-R -E- T Le,7 IBSEC -CSWG-M-2 2 July 1968 7. The question was raised in the ensuing discussion as to how the Working Group could effect security requirements which it determined necessary for the protection of classified material in the .ADP environment. The Chairman pointed out that recommended procedures could be imple- mented in two ways: a. through the responsibility of individual security components within their own organizations and, b. through the Security Committee and subsequently through the United States Intelligence Board for community- wide implementation. 8. At the conclusion of the discussion, the Chairman suggested that he would re are a draft paper encompassing the roles of the Workin Group as discussed in its first two meetings; after coordination with Workin Grou members this a er would be forwarded to the.asiljzili Committee as a su ested charter settin forth the res onsibilities o the Working Group. 9. Enumeration of Individual Agency Computer Security Problem Areas: As requested at the earlier meeting, members were prepared to identify principal examples of security problem areas affecting their separate organizations in the ADP environment. Col. Bricka listed the following problem areas: a. sanitization of storage media; b, prevention of inadvertent spillage; c. the physical and communications security problems involved in the co-location of IDHS facilities and ADP centers; d. the need to examine the security procedures of non- USIB agencies, when their facilities are utilized for classified processing. 10. The undersigned outlined the following as examples of current problem areas in CIA: a. multi-level problem, i. e. the "simultaneous" operation of the time-sharing system through remote terminals at different security levels; 3 S-E-C-R-E-T Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 S-E-C-R-E-T IBSEC-CSWG-M-2 2 July 1968 b. the security problems involved in the installation and operation of remote devices, including physical protect, access control, and procedural safeguards; c. emanations; d. identification, dissemination control, and "down- grading" of storage media; e. internal processing problems, such as the security identification of stored data and the development of procedures to retain the "need to know" principle in the current era of mass storage. 11. The DIA representatives indicated that they were not prepared to submit a list of problem areas at the instant meeting; they indicated that a security evaluation of the ANSWERS Project was being made and that it was anticipated that the results of this evaluation would provide an identification of problem areas in the DIA environment. They stated hopefully preliminary identification of such areas would be available by the next meeting. 12. of NSA indicated that the security element of that agency was just getting into the computer field and that for this reason it was difficult for him. to define comprehensively problems in the computer environment as they pertain to his organization. He mentioned, however, that many of the problems stated by Col. Bricka and the undersigned were present in NSA operations. also noted that the R&D element of NSA has been involved in computer security efforts. 13. Mr. Brady of AEC indicated that two significant problem - areas existed in the computer operations of his organization. One re- lated to the simultaneous utilization of computer systems at both the classified and unclassified level; this related to the security of remote stations. A second problem area in AEC operations was the security of the store and forward switch at the Sandia Corporation. 14. Mr. Allen of Navy pointed up the multi-level problem from a somewhat different standpoint, noting the desirability in "debugging" operations of obtaining a core dump; since the system to which he was referring is utilized at various security levels, often the programmer 4 S-E-C-R-E-T STAT STAT Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 tJ v ' IBSEC-CSWG-M-2 2 July 1968 requesting the core dump is not cleared for access to all material resident in memory. Mr. Allen also mentioned the problems caused by the utilization of "substitute" maintenance personnel for handling system failures during non-duty hours, when such personnel have a lower clearance than that ordinarily required to service the equipment. 15. Col. Koenig, speaking for the Army, accented the problems of file and software integrity and the introduction of unclassified terminals on classified systems. Commenting on Mr. Brady's and Col. Koenig's reference to this procedure of allowing unclassified and classified operations to utilize the same time-sharing system, the Chairman noted the dangers of spillage and possible penetration of the classified portion of the system from the unclassified terminal. 16. In order to form the basis for a comprehensive picture of the computer problems facing the community, the Chairman requested that each participant prepare in writing for the next meeting problem areas in the ADP environment as they relate to their separate agencies. It is anticipated that a composite enumeration of these problem areas, their scope and priority can then be prepared. 17. Identification of Current Computer Security Regulations: Time did not permit during the instant meeting a prolonged discussion of what regulatory issuances exist in the community in the area of computer security. Col. Koenig provided copies of Army issuances in this regard and suggested that a bibliography of such regulations be prepared by the Working Group. The Chairman requested that individual members, if possible, provide him with copies of such regulations, instructions, etc. , so that they may be made available to the group as a whole. 18. Need for Standardized Computer Tape Labeling Procedures: The Chairman pointed out that during the previous two weeks, he had been requested on behalf of COMIREX to conduct a survey of what procedures are currently utilized by the community for the labeling of computer tapes, particularly as they are transmitted from one organization to another in the government. He pointed out that the lack of standards for identifying tapes often caused such tapes to be- come lost, misplaced, or unidentifiable. Four areas of identification for such tapes were noted: a. Security classification and dissemination controls; 5 S-E-C-R-E-T Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 STAT Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9 ? ? " - - - .K - - IBSEC-CSWG-M-2 2 July 1968 b. Subject or topical matter; c. Technical characteristics; d. Identification of originator and/or user. Col. Koenig indicated his belief that a draft standard for tape labeling had been disseminated for coordination in the government sometime during the past year. The Chairman noted that the Bureau of Standards had suggested certain criteria for standardization of tape labels during 1967, but that to his knowledge, they had not been promulgated. Sub- sequently, Col. Koenig contacted the undersigned to relate that this proposed NBS tape labeling standard applied to internal labels. It was anticipated that the topic of labeling standards would be pursued at a subsequent meeting with a view towards considering the feasibility of a joint Security Committee/MC effort to establish basic labeling criteria for computer tapes in the intelligence community. However, further discussion was deferred. 19. The Chairman solicited the interest of Working Group members in an occasional briefing on community efforts in the ADP field as they may create or compound community computer security problems. He sug- gested that Chairman of the COINS Committee provide STAT a briefing on that project and its security problems at the next meeting. All exhibited interest in such a briefing, and arrangements are being made for to address the Working Group. STAT 20. The next meeting of the CSWG will be held on 16 July 1968 at 1330 hours in Room 4E-64, CIA Headquarters building. IBSEC/CSWG, Chairman 6 S-E-Ct-R-E-T Declassified in Part - Sanitized Copy Approved for Release 2013/08/09: CIA-RDP89B01354R000400550027-9