REVISION OF THE PRIM DETAILED SYSTEM REQUIREMENTS DOCUMENT

CONFI EN A Approved For Release 2005/08/02 : CIA-RDP8 0893R000200060001-6 23 August 1984 MEMORANDUM FOR: SUBJECT Revision of the PRIM Detailed System Requirements Document The following area in the PRIM Detailed System Requirements Document has been revised to clarify the term of "TEMPEST". 3.3.6.3 TEMPEST page 47 3.3.6.3.1 Tempest - Equipment Outside Headquarters page 47 3.3.6.3.2 Tempest - Equipment Inside Headquarters page 47.1 Please insert these pages in your document. If you have any questions, please call I I PRIM Project Leader or myself nn Document becomes UNCLASSIFIED when Approved For Release 2005/08/02 : CIA-RDP88-00893R1-6 rom JJJ,A l  Ap}Wved For Release 2005/08/02 : CIA-RGla88-00893R000200060001-6 Personnel Resource Information Managemenu (PRIM) Detailed System Requirements Document (DSR-C20-1C) PRIM Project Team ODP/LfISG/ ISD OP/ID/ADRB 23 August 1954 25X1 Approved For Release 2005/08/02 : CIA-RDP88-00893R000~00060001-6  Approved For Release AW5/08/02 : CIA-RDP88-00893R0002000G001-6 CONFIDENTIAL 21 June 1984 DSR-C20-1B CHAPTER PAGE 1.1 Purpose . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Scope . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.3 Background . . . . . . . . . . . . . . . . . . . . . . . . 2 1.4 References . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1 Components Terminal Access to-Official Data . . . . . 7 2.2 Component Data Files . . . . . . . . . . . . . . . . . . . 7 2.3 Controlled Component Data Access . . . . . . . . . . . . . 7 2.4 Data Retrieval by Components . . . . . . . . . . . . . . 8 3. REQUIREMENTS . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.1 Functional Requirements . . . . . . . . . . . . . . . . . 9 3.1.1 Centralizing Official Data for Component Access . . 13 3.1.2 Data Transfer Between Components (Release 1) . . . 25 3.1.3 Component Data Manipulation (Release 2 & 4) . . . . 26 3.1.4 Queries and Reports . . . . . . . . . . . . . . . . 28 3.2 Performance Requirements . . . . . . . . . . . . . . . . . 36 3.2.1 Reliability . . . . . . . . . . . . . . . . . . . . 36 3.2.2 Sizing . . . . . . . . . . . . . . . . . . . . . . 36 3.2.3 Accuracy . . . . . . . . . . . . . . . . . . . . . 37 3.2.4 Timing . . . . . . . . . . . . . . . . . . . . . . 38 3.2.5 Flexibility . . . . . . . . . . . . . . . . . . . . 39 3.2.6 Availability . . . . . . . . . . . . . . . . . . . 39 3.2.7 Maintainability . . . . . . . . . . . . . . . . . . 40 3.2.8 Data Base Integrity . . . . . . . . . . . . . . . . 40 3.2.9 Backup . . . . . . . . . . . . . . . . . . . . . . 41 3.2.10 Recovery . . . . . . . . . . . . . . . . . . . . . 42 3.3 Security Requirements . . . . . . . . . . . . . . . . . . 43 3.3.1 PRIM Data Base Access Security . . . . . . . . . . 43 3.3.2 PRIM Data Access Security . . . . . . . . . . . . . 44 3.3.3 PRIM Data Base Reporting Security . . . . . . . . . 45 3.3.4 PRIM Data Base Update Security . . . . . . . . . . 45 3.3.5 Software . . . . . . . . . . . . . . . . . . . . . 46 3.3.6 Hardware . . . . . . . . . . . . . . . . . . . . . 47 3.4 Hardware Requirements . . . . . . . . . . . . . . . . . . 48 3.4.1 Current Equipment . . . . . . . . . . . . . . . . . 48 3.4.2 Future Equipment . . . . . . . . . . . . . . . . . 48 Approved For Release 2005/08/02 : CIA-RDP88-00893R000200060001-6  Appr6 d For Rele se02,90p/018/$2E cIA~-RPPA$+00893R0002000600June 01-61984 DSR-C20-lB 3.3.4.2 Component Data - (M) Update and retrieval capabilities of component data must be available to the component users. The capability to update must be controlled separately from the capability to retrieve component data. Likewise, the capability to retrieve each type of component data, i.e., future personnel assignments, Career Management data, and Directorate-Level data. must be controlled separately. Each component manager must iden- tify each capability required for each system user, and notify the PRIM Data Base Manager. In Release 2 the Data Base Manager will create a new Sysman2 en- try which will provide the update capability to only those individuals identified by the component. A limited number of designated users, determined by the component managers, will be given the capability to add, change, and delete data in the component files. 3.3.5 Software Security requirements for the PRIM software are different between the development/maintenance versions and the production versions. Produc- tion software must be kept separate from any PRIM software being changed, and the discipline required to change Production software must follow strict procedures. Knowledge about the PRIM System soft- ware related to controlling read and/or write access must be limited to a need to know basis. 3.3.5.1 Production Software - (M) The PRIM software identified as the latest production release must be completely isolated from all development activity. There must be stringent control procedures established for updating the PRIM produc- tion software. The version of the PRIM software accepted by the User must be the version baselined as operational. 3.3.5.2 Development/Maintenance Software - (M) The PRIM software in development/maintenance must be carefully con- trolled and documented so all personnel involved are totally aware of the status. All PRIM software must be thoroughly tested using an Ac- ceptance Test Plan and must be accepted by the User before it is moved to the Production System. Approved For Release 2005/08/02 : CIA-RDP88-00893R000200060001-6  Approved For Release 20.0510&02 :NCIA- 2I)PU-00893R00029006.9QQ4-61984 `1SR-C2O-1C 3.3.5.3 System Software - (M) All of the Data Base `ianagement System software related to controlling read and/or write access to the PRIM System and to data in the PRIM System is highly sensitive and must be limited to only the individuals needing the information. 3.3.6 Hardware The Agency's Regulation on Computer Security controls the hardware security for the PRIM System. The term hardware is defined as the computer, all peripherals (storage devices, printers, termi- nals), and transmission equipment (lines, modems, crypto gear). All equipment, existing and new, must comply to this regulation and once classified data is stored in the PRIM Data Base, this equipment must be approved for classified use. 3.3.6.1 Existing Equipment - (D) The PRIM System must initially utilize existing equipment within the Agency, complying with all security regulations concerning computer equipment. 3.3.6.2 New Equipment - (H) Any new equipment, specifically terminals or printers, acquired by the components must be coordinated through normal Agency channels, and must comply to standard Agency computer security regulations. 3.3.6.3 Tempest - (M) All Acceptance Testing and Production activity performed outside of our Headquarters building must utilize only equipment approved for classified use. 1 3.3.6.3.1 Tempest - Equipment Outside Headquarters Equipment used outside the Headquarters building in the PRIM system must meet the requirements of NACSIM 5100A. Approved For Release 2005/08/02 : CIA-RDP88-00893R000200060001-6 C 0 N F I D E N T I A L 25X1A  Appro For ReleWseD2O05/018/02g C IApRpF3,W0893R0002 0 Q E61984 DSR-C20-1C 3.3.6.3.2 Tempest - Equipment Inside Headquarters Equipment located in the Headquarters building must be National Secur- ity Agency (NSA) zone 1, 2, or 3 equipment listed in "Tempest Zone As- signments for Information Processing Equipment." N,QC'S'//`V) 57d~ Approved For Release 2005/08/02 : CIA-RDP88-00893R000200060001-6 C 0 N F I D E N T I A L 47.1  PRIM 2-E-2 ROUTING AND RECORD SHEET TO: (Officer designation, room number, and building) 40- 15t A P6 cLp8 Appro end For Release 2005/08/02: CIA-RDP8&Q0893R000200060001 c/ 0 17 7 9-/2, EXTENSION I NO. OFFICER'S INITIALS DATE 23 August 1984 COMMENTS (Number each comment to show from whom to whom. Draw a line across column after each comment.) STATINTL STATI Ph) IM , ppr;Gv(ed For `Role a 2005/08/02 Q Ar- D Oq 93'F 009 00( 1=~1 I I I ~ 4 SaIF'i 4' S 1. TL