SECURITY RESPONSIBILITIES IN INTERAGENCY COMPUTER TERMINAL LINKS
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP89B01354R000100090007-5
Release Decision:
RIFPUB
Original Classification:
C
Document Page Count:
2
Document Creation Date:
December 22, 2016
Document Release Date:
October 1, 2010
Sequence Number:
7
Case Number:
Publication Date:
March 19, 1971
Content Type:
MEMO
File:
Attachment | Size |
---|---|
![]() | 115.01 KB |
Body:
Declassified and Approved For Release 2012/01/24: CIA-RDP89BO1354R000100090007-5 JSA
~
NATIONAL SECURITY AGENCY
FORT GEORGE G. MEADE, MARYLAND 20755
Serial: M503/'%0307
19 March 197 _
MEMORANDUM FOR THE CHAIRMAN, COMPUTER SECURITY SUBCOMMITTEE
SECURITY COMMITTEE, USIB
SUBJECT: Security Responsibilities in Interagency Computer
Terminal Links (U)
1. As requested, the proposed USIB policy statement concerning
subject was coordinated among interested NSA elements. The responses
received indicate that the proposed policy statement is not required
because:
a. The responsibilities identified are implicit in the
recently issued DCID 1/16;
b. The policy is not pertinent to networks of computers;
c. Security responsibilities must be included when
establishing the parameters of operational, technical and managerial
responsibility inherent in the relationship between one Agency and
another when a remote terminal in one is connected to a computer
system in another; and
d. For several years, all arrangements entered into by
participating Agencies have included as a major consideration,
those essential elements of security control necessary to the
proper functioning of such a terminal-computer configuration.
2. During the meeting of the Subcommittee on 12 March 1971,
the above views were presented. Discussions which followed
prompted agreement that the proposed statement should be rewritten
to exclude the application of the policy to network operations
(e.g., COINS) and that consideration could be given to a restatement
of the responsibilities in broader, less directive terms. Additional
coordination within NSA has established the view that such a
restatement of responsibilities should not be a matter of USIB policy
but one in which appropriate emphasis is placed on security and other
responsibilities inherent in any relationship which calls for the
placement of a remote terminal in an Agency for the purpose of
accessing information from a Central Processing Unit in another.
An alternative statement is offered below:
Declassified and Approved For Release 2012/01/24: CIA-RDP89BO1354R000100090007-5
Declassified and Approved For Release 2012/01/24: CIA-RDP89B01354R000100090007-5
kevf ..
~ ?? ~Y Y ~
4 a ` k4C~ wTIA r
RESPONSIBILITIES IN INTERAGENCY
COMPUTER TERMINAL
RELATIONSHIPS
"An increasing number of remote terminal installations
in the community has been identified where a computer terminal
device is located in one Agency, and with the approval of Agency
officials concerned, is provided access to information housed in
a Central Processing Unit of another. In such relationships,
emphasis should be placed on establishing the individual responsi-
bilities of the participating Agencies for the technical, operational,
managerial and security aspects of the activity. It is important
that the purposes for the configuration be defined and that clearly
established avenues of communication exist between the participants
to resolve any issue of operational or security import. Normally,
networks of computers within the community function under an overall
plan incorporating all these issues and are subject to multilateral
agreements."
3. The consideration of the Subcommittee is requested in
changing the existing policy statement to one which reflects sub-
stantially the views expressed above. In this regard, it is
requested that:
a. The existing policy statement not be approved for the
reasons cited in paragraph one above.
b. The suggested statement of responsibilities in paragraph
two above be considered for adoption in lieu of the existing policy
statement.
c. Any changes, additions or deletions made by the
Subcommittee in the suggested statement should be made available
for further review and comment/concurrence by this Agency.
R. G. KA
NSA Represent ve
Computer Security Subcommittee,
Security Committee, USIB
CON T AL
Declassified and Approved For Release 2012/01/24: CIA-RDP89B01354R000100090007-5