DIRECTOR OF CENTRAL INTELLIGENCE SECURITY COMMITTEE COMPUTER SECURITY SUBCOMMITTEE
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP87T00623R000200070041-4
Release Decision:
RIPPUB
Original Classification:
S
Document Page Count:
17
Document Creation Date:
December 22, 2016
Document Release Date:
November 17, 2010
Sequence Number:
41
Case Number:
Publication Date:
September 24, 1981
Content Type:
MISC
File:
Attachment | Size |
---|---|
CIA-RDP87T00623R000200070041-4.pdf | 619.29 KB |
Body:
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
24 September 1981
DCISF;C-CSS-M139
1. The One Hundred and Thirty-Ninth meeting of tY~e Computer Security
Subcommittee was held on 15 September 1:81 at
McLean, VA. The meeting was convened at 0930, and attending were:
DIRECTOR OF CENTRAL INTELLIGENCE
SECURITY COMMITTEE
COMPUTER SECURITY SUBCOMMITTEE
Executive Secretary
CIA
Mr.
Mr.
Mr.
Mr.
James Studer, Army
Lynn McNulty, Dept. of State
Robert
Robert
Ronald
NSA
Graytock, Dept. of Justice
Wingfield, Dept. of Energy
M~
Lancing, Navy
SECOM
Mr. Robert Storck, FBI
Mr. Edward Springer, Los Alamos Nat'l Labs (D~~E)
Mr. David Bailey, Los Alamos Nat'l Labs (DoE)
2. The minutes of the previous meeting were reviewed. There were no
comments, and thus they were approved as written.
3. Mr. Wingfield (DoE) introduced Messrs. By and Springer from
the Los Alamos National Laboratories, where DoE has re~~ently established
a centralized computer security group for the Department.
a. Mr. Springer started with a general overview of DoE responsibilities
and capabilities, showing how the Los Alamos Labs fit into the overall DoE
structure. He then discussed the establishment of the Computer Security
Technical Center for DoE at the Los Alamos Labs, which is specifically geared
toward addressing the Department's computer security problems. He went on
to discuss some of the specific techniques being applied presently, such as
DES-type devices for the protection of "unclassified-but-sensitive" traffic,
and for file encryption functions. In response to a question on the relative
amount of SI processing required by DoE;, it became clear that there was
very little such processing, and the requirement that does presently exist
can be satisfied via periods processing.
b. Mr. Bailey then spoke of a~everal specific programs which were
being pursued at the laboratories. He stated that the bulk of their work related
to "secure operating systems" was being performed in close cooperation with
NSA. It was generally agreed that, since such a small percentage of the DoE
processing is SI, they should continue to maintain their primary contact with
the DoD community, mainly through the recently formed DoD Computer Security
Center at NSA.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
c. The basic thrust of the presentation was t~ apprise the CSS
of the existence and capabilities of the. DoE Computer Security Center, and
offer to participate in, and support, community technical programs (R&D,
studies, etc) which are aimed at computer security problems of mutual
interest. Consequently, the Los Alamos Labs would like to be considered
as a qualified candidate on appropriate technical tasks that the CSS wishes
to fund.
4. The CSS next discussed the various proposals which had been
submitted for spending the money OK) which has been provided by the
SECOri. Each of the proposals which had been submitted were reviewed and
discussed. One of the proposals involved the evaluation of the TEMPEST
threat to ADP systems. This was rejected by the chairman as being outside
the "jurisdication" of the CSS, falling more properly to the SCOCE
(Special Committee On Compromising Emanations). There was some discussion
on this point, with some of the membership expressing their concern with
TEMPEST as a valid ADP system problem. The chairman offered to draft a
letter to the SECOM expressing the membE:rship's concern with TEMPEST problems
exhibited by ADP systems.
5. The chairman asked the members to review each of the proposals
and express their preference for the tasks to be funded.. The most popular
proposal was that the develop a technology forecast, to pi redict/evaluate
...a...,..~. .
technolo i al trends which ~gu1d.,,.,~au~....,an.,.ef~e.G.~-~,.,~~~.1t.~F.setur~-~o1QSY~
.~..~.~.~...,..-......-..,..._-.-...~...~~ Other
an_d tlly,s...held.,,_,5~...LR1~t~VY._,decide the. proffer , d,~~t,~.9n~s._..fo~...~.&D
proposals chosen as reasonable candidates for CSS funding were those relating
to a survey of word processing systems and their security-related capabilities
(it, w,~s...,a1s~17..recommended`that ,the newly-created DoD Computer Security Center ,~~~ ..~
be tasked for this prodect), and a threat'~sEudy. ~~,t ,rig ~~~ r
1 ~;. 1 fw ~.4
6. The chairman asked that final votes and any further suggestions be
phoned to him by the 2nd week of October 1981. Copies of the proposals which
have been submitted to date are Enclosed. Questions on any of the proposals
should be directed to the originating organization.
7. The next meeting was set for Tuesday, 20 Octot~er 1981, at 0930,
at The primary item of discussion will be the
policy statement for the revision to DCLD 1/16.
7 Encls:
1. Proposal, Subj: Proposals for
Funds Submitted by Computer Security
Subcommittee Members, dtd 1 Sep 81
2. Proposed Contract, Subj: Computer
Network Security $100K, undtd
3. Proposed Contract $50K, undtd
4. Proposed Contract R&D Magnetic
Media Control Using Technical
Means $75K, undtd
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
5. Dept of Army Ltr, DAMI-AM,
Subj: Recommendations for
Employment of SECOM Funds
Allocated to CSS, dtd 8 Sep 81
6. Proposed Contract, Subj:
Computer Network Security,
$100K, undtd
7. Dept of Energy Ltr, dtd
17 Sep 81, and Encls thereto
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17 :CIA-RDP87T00623R000200070041-4
I Sip 181
SUBJECT: Proposals for Funds Subrr'tted by Computer Security Subcon>nrittee
(~tembe rs '
T0: Chairman, DCI Security Ccf~mi ttc~e
Following are proposais for fur:'s as subrr:itted by membership:
CIA
1. Compile a listing of essential ~ngreciients of the cr~rrent/ongoing
net~rork studies in cor~puter security.
COST: ~45K
2. Identify the security elements that are required in a total (multi-level)
netti~rork.
COST: X90-100K
1. Baseline Computer Security Technology; Forecast. bihere the technology is
and ~~rhere it is going; trends; +rrhat should we pursue?
COST: $50K
2. Subcommittee participation at selected Computer Security Conferenc s/'~lorF:sho{~s .
COST: ~SUK
DIA
1. Individual Identii'ication;r^,uth~ntication
Prepare a technical evaluation of individual identification capabilities.
Reliable, efficient, and cost effective individual identification is required
for access control for physical areas, local and remote host computers, and
automated nett~rorhs. Industry is providin; anumber of capabilities most of
which have identifiable dQficierrcies; a nur:,ber of government efforts are under
way to develop access control capabilities. A technical study is needed to
report/evaluate the current stag of the technology.
COST: ~IIOK
F,:C. ~t ~1L'F,>a Ui~C:Lf1S ~'i3L:~ i'PA..',.t1'~~~,
F'1.U;~i E~~:;I:rJSUT;.F:~Si.
Sanitized Copy Approved for Release 2010/11/17 :CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
'~ I~ !,1 t s ~ ~"
2. Data Classification and Control P~larkinc~s
Develop a marking system with the capability to identify data classification
and restrictive handling controls for intelligence information stored, processed,
or extracted by automated systems and net.~?rorks.
~ Definitive access control and dissemination laheling capabilities are
necessary rri th devel opraent of
- Common Data Bases
- Delegated Production
- Integrated Data Base
- Automated Pdetworks
COST: $200K
3. Penetration Exercise
Assemble audio surveillance hardware and develop/execute a penetration/
collection scenario. '
COST: $150K
If any of the above proposals are determined to have merit, the subconunitte~ will
provide additional details.
Attached as enclosures are additional proposals for your consideration as
submitted by the FBI and DOE.
ur;cl_ns ,T ,-,~T
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Proposed Contract
COMPUTER NETWORK SECURITY
$1 OOK
I. Introduction
Of all the issues involving ADP security, network security
is the most complex. This is because network security spans
all facets of security. For example, physical security,
personnel security, communications security, TEMPEST
security, and computer software security are all important
considerations of network security. The distributed nature
of networks further complicates issues involving physical
and communication security. All the problems and technical
issues involved with the security of a single computer is
present in a network and is essentially multiplied by the
number of computers (i.e., network nodes) in the network.
In particular, the issue of multilevel security is greatly
complicated in a network.
The combination of the distributed nature of networks and
packet switching technology (i.e., the multi-path
distribution of packet composition/decomposition) makes
total multilevel security a very difficult goal to achieve.
Computer network security issues can be divided up into two
areas of concern:
a. communications security
b. nodal security
II. Proposed Contract
Amount - $100K
- "Think piece," original study on security requirements for
Network Architecture which would examine:
nodes
communication lines (Bus, fibre optics, etc.)
This study should not be directly basE~d on existing
developments or biased by past efforts. However,
contractors should be aware of past e:Eforts in this area.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Questions to be addressed
a. Centralized vs decentralized security?
b. Type of security technology which would be most
applicable in centralized systems or decentralized
systems?
Should address
1. What capabilities should the networked system have
to be secure from standard modes of security
compromise, e.g., tapping, penetration, etc.? If
encryption is broken what steps need be taken as
envisioned by the contractor to eliminate or
minimize damage to network?
2. How will the contra~~tor ensure compartmentation of
data when nodes are connected to a network which has
different levels of classified data?
Givens
- Must conform to security requirements of
multicompartmented mode (DCID 1/16 and. OMB A-71)
- multi-CPU's
- hundred of users
- multi-geographic locations
- encryption systems
- something that is practicable and doable now
Products
- lleliverables
1. Security requirements (system, ph}~sical, procedural)
for NODES.
2. Security requirements for front-ertd processor (if
centralized).
3. Security requirements for communication links (Bus,
fibre optics, etc.).
ISSG/OS/CIA
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Proposed Contract
$SOK
I. Objective
Survey existing technical literature, in and out of
Intelligence Community, on computer network security
architecture and detail specific finding:>. These findings
will be used as a platform to launch a comprehensive study
in developing needed system security mechanisms for
networked systems now being developed within the
Intelligence Community.
Contractor will be asked to detail any .~i s in existing
network architecture to date which may c~i~ for additional
studies.
II. Products
- Paper summarizing methodology to date :in handling security
in "networked systems" processing multilevel classified
data for the Intelligence Community. 'the existing
methodology in private industry which might be feasible?
- Gaps which still need to be addressed?
III. Potential Contractors
- SDC
- MITRE
- Network Analysis Corporation
- Van Dyke Associates
ISSG/OS/CIA
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Proposed Contract
R&D
Magnetic Media Control Using Technic~il Means
$75K.
A method is needed for detecting and preventing the
unauthorized removal of all portable magnetic storage media from
Intelligence Community facilities. The approach should be
towards the development of a special type of magnetic media which?
has something in its composition which can be detected by sensors
strategically placed at building exits. The detectable substance
would not be removable, transparent to users and not impair the
normal utilization of magnetic media. An alternate but less
desirable solution would be the development of a device which can
be attached to or recorded/written into magnetic media which can
be detected by a sensor. The types of portable. magnetic media
include computer tapes, floppy disks, and cassettes. (U)
This is a current problem presently being addressed through
management and administrative procedures neither of which
properly addresses the problem. Increasing use of floppy disks
in word processing systems and the new family of computer
terminals will make the problem worse in the future. (U)
There are presently no known technical means of detecting
the surreptitious removal of magnetic media from a controlled
area. It appears that the solution to this problem requires new
research efforts. (U)
In a sense, the prevention of unauthorized removal of
magnetic media is more acute than the hardcopy document control
problem. Many documents can be recorded onto a single floppy
disk, cassette or magnetic tape. It is highly desirable from the
Intelligence Community viewpoint to be able to prevent
unauthorized removal of magnetic media. (U)
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17 :CIA-RDP87T00623R000200070041-4
DEPARTMENT OF THE ARMY
OFFICE OF THE ASSISTANT CHIEF OF 8TAFF FOR INTELLIGENCE
WASHINGTON. D.C. 20110
8 SEP 1881
SUBJECT: Recommendations for Employment of SECOM Funds Allocated to
CSS
Mr. Len Busic
Chairman,
Computer Security Subcommittee
SECOM, NFIB
1, The purpose of this letter is to comply with your request for a list
of recommended projects to be funded by the Computer Security Subcom-
mittee (CSS)o It is our firm belief that CSS funds should be allocated
only to those projects which will produce an identifiable, tangible pro-
duct which will have broad Intelligence Community use, Further, appli-
cations supported by DIA and the military services should have universal
value in military intelligence functionso
2. The most critical requirement facing the entire Intelligence Community
(IC) today is the need to Redefine and Restructure the Security and
Protection Attributes Which Support the Automated Handling and Communi-
cation of Intelligence Information. The multitude of classif ications,
codewords, caveats, control and dissemination restrictions present in the
IC today have introduced great complexity into the processing and trans-
mission of vital intelligenceo The proliferation of intelligence systems
and current planning for their future interface demands careful, judi-
cious study of this problem and development of a workable, practical,
hierarchic structure of standard security and protection attributes which
can be implemented in the automated information handling world. I am
currently working on the first draft of a much more detailed paper on
this subject and will provide it to you when completedo In the meantime,
I feel very strongly that the subcommittee should identify and support
this project. Because there is already some interest in solution of this
problem in the Data Standards Panel of the Intelligence Information
handling Committee, NFIB, it could be made a joint project with that
group,
3. Next in priority is the need for abroad, definitive study of The
Threats Against Intelligence Automationo Such a study might well b e an
outgrowth of the compilation activity which DIA RSE-4 now has underway
Sanitized Copy Approved for Release 2010/11/17 :CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
8 SEP 1981
DAMI AM
SUBJECT: Recommendations for Employment of SECOM Funds Allocated to CSS
with the Military Intelligence Reserve unit in Texas. If content dictates,
this product should be produced in two versions; one hopefully at the
SECRET collateral level for broad, general dissemination, and a second at
the TOP SECRET SCI level for more restricted IC dissemination. Command-
and management-level attention and interest must be gained and maintained
through provision of well-written expositions on the serious threats
against automated systems.
4. As an ancillary to The Threats Against Intelligence Automation there
should be produced, as a separate document if necessary, a serious, lay-
man language Compromising Emanation Threat Study. Decision-authorities
in Army and the other services are confronted on a daily basis with the
requirement to approve or disapprove the design of automated systems at
both the tactical and strategic levels which must incorporate protection
against compromising emanations. The credibility of this EMSEC require-
ment is not now well established, except in the electronic engineer-
oriented language of NACSEM 5100. There is a demand for a definitive,
detailed, explanatory threat and countermeasure document which can be
read, understood and applied by managerial personnel without the need for
engineer interpretation. Production of this study should be a joint effort
with the Subcommittee on Compromising Emanations (SCOCE).
S. There is also a strong requirement for an authoritative Automation
Security Dictionary defining all the terms and criteria to be applied in
clear, precise language. A precedent e~:ists in United States Communica-
tions Security Board (USCSB 2-17) "Glossary of Communications Security and
Emanations Security Terms," October 197G.
6. Lastly, a requ it anent exists for the development and promulgation of
an IC guidance document on the application of Risk Analysis Criteria,
Procedures, and Techniques for Automation and Communication Systems in the
Intelligence Community.
7. I will be happy to elaborate on any of the above recommendations at
your request.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Proposed Contract
COMPUTER NETWORK SECURITY
$1 OOK
I. Introduction
Of all the issues involving ADP security, network security
is the most complex. This is because network security spans
all facets of security. For example, physical security,
personnel security, communications security, TEMPEST
security, and computer software security are all important
considerations of network security. The distributed nature
of networks further complicates issues involving physical
and communication security. All the problems and technical
issues involved with the security of a single computer is
present in a network and is essentially multiplied by the
number of computers (i.e., network nodes) in the network.
In particular, the issue of multilevel security is greatly
complicated in a network.
The combination of the distributed nature of networks and
packet switching technology (i.e., the multi-path
distribution of packet composition/decomposition) makes
total multilevel security a very difficult goal to achieve.
Computer network security issues can be divided up into two
areas of concern:
a. communications security
b. nodal security
II. Proposed Contract
Amount - $100K
- "Think piece," original study on security requirements for
Network Architecture which would exam'Lne:
- nodes
- communication lines (Bus, fibre opt:Ccs, etc.)
This study should not be directly based on existing
developments or biased by past efforts. However,
contractors should be aware of past efforts in this area.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Questions to be addressed
a. Centralized vs decentralized security?
b. Type of security technology which would be most
applicable in centralized systems or decentralized
systems?
Should address
1. What capabilities should the networked system have
to be secure from standard modes of security
compromise, e.g., tapping, penetration, etc.? If
encryption is broken what steps need be taken as
envisioned by the contractor to eliminate or
minimize damage to network?
2. How will the contractor ensure compartmentation of
data when nodes are connected to a network which has
different levels of classified data?
Givens
- Must conform to security 'requirements of
multicompartmented mode (DCID 1/16 and OMB A-71)
- multi-CPU's
- hundred of users
- multi-geographic locations
- encryption systems
- something that is practicable and doable now
Products
- lleliverables
1. Security requirements (system, physical, procedural)
for NODES.
2. Security requirements for front-er.~d processor (if
centralized).
3. Security requirements for communication links (Bus,
fibre optics, etc.).
ISSG/OS/CIA
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Department of Energy
Washington, D.C. 20545
Mr. Len T. Busic
Defense Intelligence Agency
Attn: RSE-4
Washington, DC 20301
SEP 17 1981
Dear Mr. Busic:
Enclosed for your review are three computer security projects proposed for
funding by the Computer Security Subcommittee. These projects were selected
following the discussion at the subcommittee meeting on September 15.
Additionally, I am enclosing a copy of the briefing material as you requested.
Please accept my appreciation for the courtesy and attention shown to
Dave Bailey and Ed Springer of the Department of Energy Computer Security
Technical Center. Bob Wingfield of ...y staff indicated that the session
was of benefit to the Department of Energy and I trust it was of value to
you and the subcommittee members as well.
Robert A."0'Brien
cc w/Proposed Projects:
Computer Security Subcommittee
Members
Chief, Operations~ec~i ty Branch
Division of Security
Office of Safeguards and Security
Defense Programs
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Computer Security Subcommittee
Proposed Project
Computer Security Technology Forecast 75 K
Objective: To prepare a baseline technological assessment of the protection
of information in computer systems and computer networks;. The assessment of
the current state of the technology will be accompanied by a forecast out-
lining problems and possible solutions which will be encountered during the
- ----
next 5 years. The assessment will 6e usefufi-to security officers in select-
i~ng security controls for systems under their control. The assessment will
also be useful in guiding the selection of research and development tasks to
fill the gaps in current protection capabifiitie~ and in solving the new
problems which arise. The assessment and forecast shou'Id be updated approxi-
mately once every 2 years.
Product: A report containing an assessment of the currE~nt state of protection
tech~ogy and a forecast covering the next 5 years.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Computer Security Subcommittee
Proposed Project
Secure Operating Systems 100 K
Objective: Evaluate the Honeywell Secure Communications Processor (SCOMP)
and demonstrate its utility as a secure network front end processor in a
data base management application. A SCOPIP system will be installed at
Los Alamos for system evaluation and software development and will then be
reinstated at another location such as Oak Ridge for prototype use as a
data base front end fcr users with differing levels of clearance and need-
to-know. The Department of Energy software would be adapted to an SCI
application specified by the subcommittee and installed on an existing
SCOMP system as directed by the subcommittee.
Product: An installed SCOMP demonstration system.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4
Computer Security Subcommittee
Proposed Project
Secure Office Workstation 125 F:
Objective: Build a prototype workstation capable of providing need-to-know
protection for information in the environment in which 'the information is
normally handled. The workstation_should not re_quire_extensive sanitization
before it can be left unattende3~. '1"EM1sEST wiTT 6e considered in the system
design, but will-not be included in the prototype workstation.
Product: Implementation of a prototype workstation demonstrating the
needed protection techniques.
Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070041-4