RECOMMENDED SECURITY ENHANCEMENTS FOR AARS AND MAXCON (Sanitized)

Approved For Release 2002LO QUA NPIU~ 3R000200080 2 8 NOV 197D OCCS- 7 s 25X1A 25X1 25X1 25$1 MEMORANDUM FOR: Chief, f nr ineer ing Division, OC Chief, Foreign Networks Division, CC Chief, Chief, Coy4mnnications Division, OC SUBJECT Recor;.mendcd Sec I&r ' ty Enhancements for ARS and ?' AXCOIN - 1. 0 The attached MFR is the product of a cursory single fault analysis of the Automated Relay Sy step (ARS) and MAXCON output circuuitry. The analysis was performed by Oki-CSD/'AR with OC-fllLJ/CPS assist .nce. The sirmul.ation of a single fault, as described in paragraph 4, clearly demonstrates V m potential for a compromi tie of classified infor=ration. 2. 0 lie reflucst that the paragraph 6 alternatives and procedures be i ipleiiented as cnhaacemnts to the security of the AIDS and NAXCON systeY~~s. Ia~ple ent at ion of these enhances ants will effectively double the protection against the possibility of a compromise of classified infor..iation. The hardware changes recoit ;iaonded are a matter of scraping and can be effected in a relatively short period of time. The software changes should not be difficult since there is no apparent need for unique software development. 25 1 A 3. D 'i"or verification testing it necessary. Attackments; As stated 25X1A 25k1A will be available Original - Addresses COORD:(') 1 - OC Record Copy File C OC- SD PDB 1 - OC-CSD Chrono ~L OC-CSD/EAB/CSaSl 12D -4v78 GONF G a EN AUTH~ Approved For Release 2002/06/19: CIA RDP'6id080009-6 25X1A 25X1 25X1A 25X1  Approved For Release 2002 @1 *IFDU 8 L0200080009-6 b. Buss Addresses 7670008 and 7674008 are used for Maxcon/Record Channel interfacing. Given a and b, there is no known addressing conflict. pr-Lari to the LCM, due to the fact that there are software/h ar~dwareyaddressing alternatives. An indepth analysis of a single LTU addressing failure was not made, since there are no alternatives to the existing LTU software/hardware addressing structure. Any change in this structure would require a redesign of the LTU integrated circuitry. 25X1A Attachment: Automated Relay System Addressing Structure, Figures 1,2,&3 FILE: 90.6.6 Approved For Rele ) DENT 008938000200080009-6  Approved For Release 20~' y:, &W-To "L00200080009-6 25X1 6. 0 The following alternative addressing and operational procedures will enhance the security of the ARS. a. By selectively choosing the LCM/LTU software/ hardware addresses, ARS security protection will be doubled. These addresses are: Buss Address Bits LC M 1 0 0 0 02 7600028 LC M 2 0 0 1 12 7614028 LC M 3 0 1 1 02 7630028 LC M 4 1 0 1 02 7650028 LC M 5 1 1 0 02 7660028 25X1 a. In the basic C900 (Collins 900) System, Buss Addresses 7600008 through 7624008 are used for CLCM (Communications Link Control Module) and TLCM (Trunk Link Control Module) addressing. These Modules are not implemented in the ARS or the MAXCON. Given the proposition that each "1" and "0" represents an integrated circuit, it is obvious that two IC failures vice one, would be required to produce the conditions described in the preceding paragraphs i.e., compromise of classified information. b. Security may be further enhanced by a vertical re-alignment of station/LTU assignments according to category of traffic i.e., all LTU 0's for other agency, all LTU l's for etc. It is recognized that this enhancement may not be totally possible/practical. c. Failures of this nature, produce an audible network alarm and LTU failure printouts at the circuit control position. The ARS SOP should include instructions for the communicator to immediately remove the LCM associated with the LTU failure printouts. This will disable the entire shelf. 7. The above changes should also be incorporated in the MAXCON (Max Concentrator). It should be noted that: Approved For Release 20 i FINDI8T0W$000200080009-6  25X1A Approved For Release 2002/06/19 : CIA-RDP88-00893R000200080009-6 Next 8 Page(s) In Document Exempt Approved For Release 2002/06/19 : CIA-RDP88-00893R000200080009-6