DIRECTOR OF CENTRAL INTELLIGENCE SECURITY COMMITTEE COMPUTER SECURITY SUBCOMMITTEE

Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070005-4 Director of Central Intelligence Security Committee Computer Security Subcommittee 1. The one hundred and seventy-thir STAT Computer Security Subcommittee was held at"7~7 McLean, VA on 16 July 1985, and was attended by the following persons: STAT STAT SIAI ecutive Secretary NSA OM 2. The fi t item discussed was the status of the FY85 STAT budget. reported that approximately 60% of the SECOM's funds have been on hold since April, and that the chairman of the SECOM had just recently been informed that their budget proposal had been disapproved. Apparently this had occurred with little warning, STAT and little prior discussion with the SECOM. further reported that the Executive Officer of the statt had asked the SECOM to re-submit, indicating the possibility of a second chance. STAT 3. distributed copies of an annotated bibliography on security tor personal computers (PC's), which had been produced by a Navy reservist, and in support of both the Computer Security Center and the CSS efforts in the area of PC security. This paper was reviewed. Some recommendations were made for improving the utility of the document for the CSS effort to produce PC security guidelines, however, it was found to be acceptable for the intended purpose. 4. It was suggested that the CSS be the conduit through which the SECOM and the Intel Community receive items of interest, specifically, issuances from the Computer Security Center. Accordingly, it was agreed that the Executive Secretary will forward a current copy of the Evaluated Products List (EPL) and recent guidelines which have been published. STAT 5 reported on the activities under the contract STAT with noting that has primarily been involved with tha argely due to the availability of resources. STAT Consequently, will attend the IHC meetings, while STAT will attend the CSS meetings as the representative of the STAT itic. it was further noted that has officially appointed the IHC as the point o contact for the NTISSC. 6 As a result of some of the discussions, above, Mrs. STAT questioned whether or not there really exists a sufficient baseline of computer security-oriented persons within the community to support a separate CSS. Accordingly, it was suggested that we identify community computer security resources, by name, and also identify what percentage of their time is available for CSS activities. Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070005-4  Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070005-4 7. We discussed the issues revolving about Memoranda of Understanding (MOU) for co-utilization of facilities. It was noted that DCID 1/19 should address this problem, and that the CSS should also draft an addendum to DCID 1/16 dealing with the need for such MOU's, perhaps pointing to the more detailed procedures in DCID 1/19. A working group was suggested as the vehicle for the drafting of an initial set of procedures and guidelines for possible inclusion into DCID 1/19. This was also seen as a good opportunity for working across Subcommittees, since it is an issue whose resolution involves several SECOM subcommittees. The suggestion was made that the activity in this area should be initiated by a meeting between the chairmen of the CSS and the Compartmentation Committee. 8. The next meeting was set for 17 September (there will be STAT no meeting in August) Executive Secretary Sanitized Copy Approved for Release 2010/11/17: CIA-RDP87T00623R000200070005-4