CAMS SECURITY

Declassified in Part - Sanitized Copy Approved for Release 2013/04/03: CIA-RDP89BO1354R000200250001-2 Purpose To verify access authentications of SCI cleared personnel; replaced 19 IC systems Identification True names; no cover names Operational status Phase I: Began Easter Monday 1983 Who inputs/updates SSOs of each organization after receipt of approved paperwork How often Varies Who has access SSOs To what Community File based on need-to-know 258k records; 82k month transactions How 1. On-line terminals 2. Call-in over night special queries 3. Usual bi-weekly org. updates How many terminals 155 (May '86); Will expand - organizations with more than 1000 SCI cleared persons Where SSO elements in SCIFs When 24 hrs/day 7days/wk (less 1 hr/day maint.) Accuracy Mirrors paper system; backed up by it Reliability Mirrors paper system; more timely Content Brief, debrief or inactive status dates Comments field Types of Files Community File STAT Participants Use "e help" ALLt)L ri ie CIAfL File Archive - Crossreference Organizations with SCI cleared personnel except NSA & DIA Declassified in Part - Sanitized Copy Approved for Release 2013/04/03: CIA-RDP89BO1354R000200250001-2  25X1 Declassified in Part - Sanitized Copy Approved for Release 2013/04/03: CIA-RDP89BO1354R000200250001-2 Declassified in Part - Sanitized Copy Approved for Release 2013/04/03: CIA-RDP89BO1354R000200250001-2  Declassified in Part - Sanitized Copy Approved for Release 2013/04/03: CIA-RDP89BO1354R000200250001-2 OIT-12010-86 ?.7 FEB 1986 MEMORANDUM FOR: Chairman, Committee on Imagery Requirements and Exploitation, Intelligence Community Staff FROM: William F. Donnelly Director of Information echnology SUBJECT: CAMS Security u REFERENCE: Memo for D/OIT fm Chmn/COMIREX, dtd 5 Feb 86, Same Subject 1. I would like to take a positive approach to bring CAMS into compliance with the DCI's "Uniform SAFEGUARDS for Protection of 'Critical Systems' Processing Intelligence Information," as opposed to requesting a waiver. lul 2. The CAMS Vulnerability Study and resulting recommenda- tions reflect our security concern for this "critical system," and our intentions to bring this system into compliance with the SAFEGUARDS. The short-term recommendations have been or soon will be implemented. The long-term recommendations, which will cost additional monies, are being planned and will be implemented when technology is available in the marketplace, i.e., automated data labeling. In the interim, we can reflect a degree of compliance with the SAFEGUARDS by implementing compensating security procedures and demonstrating that CAMS can enforce discretionary compartmentation. 3. CIA will be required to submit a report on the status of our two critical systems by August 1986. In this report, we will reflect the degree of compliance with the SAFEGUARDS Criteria based on the positive actions taken by your staff. I am confident that this will satisfy the DCI's SAFEGUARDS requirements. I do not believe that the SAFEGUARDS should have a negative impact on CAMS in terms of the September 1986 deadline, and at this time, a waiver to the SAFEGUARDS is not required. William F. Donnelly 10 S-E R-E-T Declassified in Part - Sanitized Copy Approved for Release 2013/04/03: CIA-RDP89BO1354R000200250001-2