LETTER TO JAMES A. WILLIAMS FROM JOHN N. MCMAHON
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP87M00539R000901160005-7
Release Decision:
RIPPUB
Original Classification:
S
Document Page Count:
5
Document Creation Date:
December 27, 2016
Document Release Date:
August 17, 2009
Sequence Number:
5
Case Number:
Publication Date:
October 18, 1984
Content Type:
LETTER
File:
Attachment | Size |
---|---|
CIA-RDP87M00539R000901160005-7.pdf | 127.33 KB |
Body:
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
S-E-C-R-E-T
Central Intelligence Agency
Lt. General James A. Williams, Director
Defense Intelligence Agency
Washington, D.C. 20301
In response to your memorandum of 11 October 1984, I have
asked my Director of Security to have his computer security
group immediately resume discussions with your security and
engineering staffs. Recognizing the urgency of the matter, I
am confident this effort will result in a timely solution to
the problem.
The Office of Security's Information Systems Security Group
(ISSG) has long been attempting to determine if compensating
safeguards can be substituted for the requirement for dedicated
connections for DESIST terminals. I would like to reemphasize
that the Office of Security position is not to deny access to
DESIST data, but rather to insure that sufficient safeguards
are in place for the control of information.
As our respective staffs have discussed, the military
commands having legitimate access to ORCON data, cannot
redistribute or further disseminate that data without
originator approval. The military command host computers in
question, however, have no controls of which we are aware that
can restrict further dissemination of this data, either within
the user host computer or secondary distributions across the
network. This leads us to the requirement for direct-connected
terminals over dedicated circuits. It is the method we our-
selves invoke to allow users with access to ORCON data to be in
compliance with the national directives for the control of
ORCON data.
You will recall that we suggested several alternatives to
dedicated terminals, and I am sure that your people can develop
others. With this in mind, ISSG has arranged to meet with their
OS 4 5293/1
C 16&
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
counterparts in the Defense Intelligence Agency on 25 October
1984 to continue working towards a resolution of this important
issue.
Sincerely,
John N. McMahon
Deputy Director of Central Intelligence
DDA/OS/PTAS/ISSG 18 Oct 84)
Retyped/D/S:laj UCt 84)
Distribution:
Orig - Addressee
1 - ER
1 - DDA
2 - D/Security
1 - OS Registry
1 - OS/ISSG Subject
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
STAT
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
18 OCT 1984
FROM:
MEMORANDUM FOR: Deputy Director of Central Intelligence
VIA: Deputy Director for Administration
Director of Security
1. Action Requested: Request vour concurrence and
25X1 signature for the attached letter.
2. Back round: Lt. General William's memorandum, dated
11 October 1964, recommends that our respective computer
security groups and engineering offices begin discussions to
reach a compromise position which would allow the Defense
Intelligence Agency (DIA) network access to DESIST. DIA cites
25X1 the cost of direct connections as being prohibitive.
Our offices have already discussed using the Defense
Intelligence Information System Network (DODIIS) Network
Security for Information Exchange (DNSIX) front end processor
for network access to DESIST when it becomes available in 1986.
When available, DNSIX would satisfy security requirements.
Recently, our computer security group has been informally
advised that DNSIX will not be available until the 1988/1989
25X1 timeframe.
Network access to the DESIST data base makes it more
difficult to control ORCON data as it enters the network and
other computers. A combination of compensating safeguards, such
as an application of the GUARD concept for release of data or
data encryption standard privacy channels for DESIST data within
a network, may be used as an alternative to direct-connected
terminals. There are dollar costs and time delays associated
with implementation of any safeguards, and these costs may
25X1 exceed DIA's estimate for direct terminals.
25X
this memorandum and coordinated in its contents.
3. Staff Position: The Office of Data Processing and the
Office of Global Issues were consulted in the preparation of
(lc A C')C 2
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7
S-E-C-R-E-T
DDA/OS/PTAS/ISSG/I I(18Oct84)
Distribution:
Original - Adse
- ER
1 - DDA
1 - D/Security
1 - OS/Registry
1 - OS/ISSG Subject
C-R-r-D-F-T
Approved For Release 2009/08/17: CIA-RDP87M00539R000901160005-7