ISB MEETING MINUTES - 15 SEPTEMBER 1987

Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 STAT ROUTING AND RECORD SHEET SUBJECT: (Optional) ISB Meeting Minutes - 15 September 1987 EXTENSION FROM: NO. ER 4320-87 SA/EXDIR ii16 Septemb 7E12 HQS TO: (Officer designation, room number, and building) 1. Executive Registry 7E12 HQS 9. OFFICER'S INITIALS COMMENTS (Number each comment to show from whom to whom. Draw a line across column after each comment.) er 1987 Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 ER 4320-87 16 September 1987 STAT MEMORANDUM FOR: Information Systems Board Special Assistant to the Executive Director SUBJECT: ISB Meeting Minutes - 15 September 1987 STAT 1. Computer Scientist for Engineering Group within OIT, discussed efforts to reduce the security risks posed by removable ma netic media through the use of "diskless" STAT workstations. also conducted a demonstration of diskless workstation prototypes. A copy of the presentation slides is attached. STAT 2. within IMS, described plans for a test-bed ot i kstations in IMS. Notes from the presentation are attached. STAT STAT /signed/ DCI/EXDIR (16 Sep 87) Distribution: Orig - Each ISB member 1 - ER 1 - ISB File Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Diskless PC Technology From OIT to the ISB, Sept. 15, 1987 Unclassified Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Diskless _PC Concepts Problem: Floppy Disks Insecure Too Portable/Concealable Work-at-Home Temptations Unaccountable/Untraceable Obvious Target for Hostile Acquisition Floppy Disks Unmanaged Poor for Record Use Disorganized Shoebox, not Corporate Data Unclassified 09/15/87 Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Diskless PC Concepts Solutions: Render Floppies Unthreatening Use for Unclassified Program Loading Only Ensure Floppy Drives cannot Write Develop Operational Concepts to Match Support Organizations Provide Customization Replace Disk Functionality Use Host Disks in Limited Ways Advance to Networked Disks if Needed Allow Internal Disks where Secure Unclassified 09/15/87 Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Diskless PC Conce _ is Technologies for Eliminating Floppy Disk Problems RAM Disk Created in Volatile Memory High Speed Access Virtual Disk Maintained on Host Disks Requires Host Logon, Availability Speed Constrained to Network Speed Read-Only Disk Drives Modified Locally Special Purpose, Program Loading Network Disks (LAN) File Server on LAN Separately Secured, Administered Unclassified 09/15/87 Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Diskless PC Concepts Constraints: Configuration 1 (See Figure) Limited use in Structured Environments Not fully useful PC -- Very Programmable Terminal Suitable Mainly for IMS Requirements Technically Done, Available Anytime Requires Central Support, Development Configuration 2 (See Figure) Generally Applicable Architecture Full, more-than-PC Function Requires New Investments in Engineering Creates New Problems, but Better Ones Not Ready for Deployment to Everyone Unclassified 09/15/87 Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Configuration 1. Generic PA/AT CLone 3270 Emulation Card/SW RAM Disk Read-only Floppy Drive LGA Graphics Mouse Usage: Programmable Interface Local WP Central Storage Short term Off-line Work VM Network PC Host Services MDS/SAFE AIM DBMS 3270 Connectivity PBX or SNA User Interface Word Processing Read-only Boot Programs Customized Disks Unclassified Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Configuration 2. VM Generic PA/AT CLone 3270 Emulation Card/SW RAM Disk Optional R/O Floppy Drive Optional Hi-Res Monitor Mouse TRN LAN Adapter Network Coax Future LAN-Host Paths Usage: Programmable Interface Local WP Local and Central Storage Longer Term Offline Work Host Optional File Server Adds: Compartmented Storage Local Shared Data Host Independence Full PC Functionality PC Disk Booty V T Unclassified PC LAN Boot LZ LAN Read-only Secure Areal i File Server Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Work Group Computing Vault-sized LAN Twisted Pair PC/AT Read-Only PCs 386 PC Equipment Room PC/AT Print Server Laser Printer Unclassified (Controlled Access) Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Diskless PC Concepts Activities: Working with IMS to Deploy Configuration 1 Tools for PC-based WP/Cable Creation from OIT Development of Customer System by IMS Starting Now Working on Configuration 2 Issues Acquiring and Testing LANs Supporting Testbeds Developing Distributed AIM/Cable Services Initiating Future LAN-based Architecture Design Interim Accommodation Policies Use of Least Portable Media Possible Policy to Minimize Floppy Abuse Personnel Security and Education Unclassified 09/15/87 Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 DIRECTORATE OF OPERATIONS DISKLESS PC TESTBED Agenda - Background - Purpose - Scope - Schedule - Potential future applications Background DO concerned about use of PC's because of diskettes OIT to acquire "neutered" (read only) version of workstation DO agrees to use when: - suitable DO user interface developed - PC-based word processor - cable "model" - Aim interface - seamless integration - SAFE modified to provide 3270 support (version 3.5) - 3270 communications are available in outbuildings to support DO training Alternatives for loading software - from neutered disk - from LAN file server - from mainframe, optical disk, etc. OIT to provide first option DO to testbed second option - implications for future (DOLPHIN) Purpose To build testbed using diskless PC's and LAN - test/evaluate in DO environment - adjust as required - consider for long range use - use OIT option for short-range - departmental (cooperative) computing concept - local files at "desk" level - same as DO stations - file server in vault, therefore compartmentation - user ownership/control - mainframe connectivity when needed - "corporate" data - message processing - networking Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 Scope - File server (1) - DEC MicroVAX II - Local area network (1) - Ethernet (IEEE 802.3) - Workstations (15) - IBM PC/AT equivalents - with no non-volatile storage - with 3270 DFT-A interface card - IMS front office 2 - SG front office 3 - SG branch chiefs 6 - DO Info Center 2 - IMS programmers 2 Total 15 Schedule - Early 1988 (standalone LAN) - MicroVAX III here now - Ethernet LAN on order - diskless PC's to be ordered when available Potential Future Applications Standalone LAN (PC network) - Local (compartmented) processing - local files/applications (mirror of DO station) - local word processing Mainframe terminals - Mainframe processing - message processing (MDS) - networking (Aim) - alternatives will be evaluated Connected LAN (with gateway) - Cooperative processing - corporate data in mainframe - local data in LAN Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6  Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6 F/tip 5r7C/c~ ('C PC Connected LAN ADvANCev wAm nC miceo YAX= P L.4 S r'X- Aemllm PCI ? TA//S `Lti2 T/0' /41 ?O i ' Nis Fib 7-,!FxT Sc fi4W'. PC Sanitized Copy Approved for Release 2011/09/13: CIA-RDP90G00152R000100190021-6