DRAFT NATIONAL POLICY ON TELECOMMUNICATIONS AND AUTOMATED SYSTEMS SECURITY
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP97M00248R000500170039-6
Release Decision:
RIPPUB
Original Classification:
C
Document Page Count:
5
Document Creation Date:
December 27, 2016
Document Release Date:
June 8, 2010
Sequence Number:
39
Case Number:
Publication Date:
February 17, 1984
Content Type:
MEMO
File:
Attachment | Size |
---|---|
![]() | 236.61 KB |
Body:
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
ROUTING AND RECORD SHEET
SUBJECT: (Optional)
Draft National Policy on Telecommunications
and Automated Systems Security
.
FROM: EXTENSION ~
~
TE
C/OC-MLS
~
17 February 1984
TO: (Officer designation, room number, and DATE
building) OFFICER'S COMMENTS (Number each comment to show from whom
INITIALS to whom. Draw a line across column after each comment.)
RECEIVED FORWARDED
EA DD I
Hqs
7E12
-
2.
3.
API
5.
6.
7.
A
T
8.
9.
10.
1
1
12.
13.
14.
15.
FORM 61 0 USE PREVIOUS
1-79 EDITIONS
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
CONFIDENTIAL
17 February 1984
SUBJECT: Draft National Policy on Telecommunications and
Automated Systems Security
2. I explained to Mr. deGraffenreid that I had sent the
attached memo and was meeting with him in advance of the
Community-wide 17 February meeting because I did not want to
surprise him at that larger meeting with Agency objections; I
thought it would be to our mutual benefit to discuss such
objections one-on-one in advance.
3. Mr. deGraffenreid noted that my memo raised two cate-
gories of objections. The first included specific problems that
might be correctable with relatively minor changes. The second
was a larger philosophical disagreement over whether or not
communications security and computer security should be covered
by one directive/policy/procedure or by two. I pointed out that
our preference was two, and I so stated for the record; however,
if ittwere elsewhere decided that it.should be one" document,,,.we
wouldnot withhold our concurrence soleX on the one document-two
document issue. I thought Ihad put the matter to rest., but Mr.
deGraffenreid returned to it several times during the meeting.
He emphasized that he was under direction to consolidate the two
disciplines into one document, but when I pressed him to learn
who had so decided/decreed, his only response was "my leadership."
4. In discussing our specific objectives, Mr. deGraffenreid
appeared to show considerable flexibility. According to him,
many of the interpretations we were giving to the draft were not
as he had intended them. He seemed more than willing to rewrite,
or to accept our suggested rewrite, of a number of paragraphs in
WARNING NOTICE-INTELLIGENCE
SOURCES OR METHODS INVOLVED
CONFIDENTIAL
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
the draft in order to satisfy Agency concerns. It was agreed
that we would submit, within the next several weeks, specific
wording for the NSDD.
5. Mr. deGraffenreid noted that the.17 February meeting was
not intended to be a decision session, but rather a session to
elicit reactions to the draft. He stated that the Agency
response was the first written response he had received.
6. Following this meeting and without aff nreid, we
empha-
met with of the IC Staff. Mr~r
sized in very-strong terms that one document joining communi-
cations and computer security would be unenforceable and
unmanageable at this time. While I did not disagree, I stated
that my instructions are to avoid that issue and to concentrate
on protecting the DCI's authorities. We agreed on a two-stage
approach. I will continue to seek rectification of the specific
problems that we see with the present draft. Separate from that,
I will seek clarification on the Agency's position on one versus
two documents, and then proceed accordingly on that matter.
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
1..UNVIUtlNIIAL
OC mt_S-rr~By-O//
V iJ
MEMORANDUM FOR: Mr. Ken deGraffenraid
National Security Council
Chief, Management and Liaison Staff, DDA/OC
SUBJECT: Draft National Policy on Telecommunications and
Automated Systems Security
1. The responsibility for reviewing the subject proposed
NSDD and representing the DCI at the February 17 meeting was
delegated to the Director of Communications by the DDCI. We
attempted but were unable to arrange an informal meeting with
you to discuss areas of concern within the Agency which are:
a. The letter of transmittal from the NSC states that
"it is intended that the machinery established by the NSDD
would initially focus on those automated systems which are
connected to telecommunications systems." The body of the
proposed NSDD does not follow this statement of intent and
is all inclusive for "automated information systems'which
create, prepare, or manipulate information in electronic
form for purposes other than telecommunications, and
includes computers, word processing systems and associated
equipment." (emphasis added)
b. The proposed NSDD does not accurately recognize the
DCI's statutory responsibilities and authorities.
Encroachments include: (1) the development of consolidated
resources and budget which could both dilute the DCI's
responsibilities regarding formulation of the NFIP and
impact Intelligence Community priorities; (2) the proposed
NSDD implies that the Director, NSA will take sole responsi-
bility for assessing and disseminating hostile threat infor-
mation, thereby removing related analytical missions of the
CIA, FBI and DIA; and (3) a requirement that the DCI
"coordinate unique requirements pertaining to the protection
of intelligence sources and methods" with the Steering
Group, the NTISSC and the Director, NSA.
WARNING NOTICE
INTELLIGENCE SOURCES
OR METHODS INVOLVED
CONFIDENTIAL
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6
CONFIDENTIAL
SUBJECT: Draft National Policy on Telecommunications
c. The missions and functions of the Interagency
Committee on Foreign Real Estate Acquisition in the U.
should be as stated in the original PD/NSC-24.
d. There are a number of initiatives mandated by
PD/NSC-24 that have not been completed for a number of
reasons. The abrupt termination of these initiatives would
countermand the thrust of PD/NSC-24 to eliminate the
reliance on microwave and the vulnerability to intercept
of telecommunications by an adversary.
e. Under PD/NSC-24, there is an inter-agency mechanism
for publishing coordinated national policy and standards.
Under the propose SDD t is responsibility is delegated to
the Director, NSA, and there is no mechanism for
coordination.
2. Although there is philosophical agreement that separate
NSDD's for computer security and for communications security
might leave gaps in the protection of automated information
systems as the technologies of the two disciplines' converge,
we are concerned about the feasibility of managing a consoli-
dated effort, particularly in view of the expanded scope of the
proposed NSDD. We would prefer an NSDD that addresses the com-
munications security issue only, with a separate or consolidated
approach after the panel completes their study.
3. If you would like to discuss any of these point
to the February 17 meeting, I can be reached on Secure
or
ORIG: OC-csD/PPB3
Distribution:
Orig/- Addressee
.X - 0C-
1- OC/OL/ INC
1 - OC-CSD Chrono
1 - OC-COD Record
13 Feb 84
CONFIDENTIAL
25X1
25X1
25X1
25X1
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170039-6