EPA Data    Vol. 2, No. 5    September/October 1979
STRINGER REORGANIZES MIDSD

MIDSD Director Bud Stringer is proposing to reorganize the division. The reorganization will sharpen the organizational responsibility of MIDSD branches, and consolidate some application system operational functions within a new branch.

Stringer was influenced by several factors in making the change, not the least of which was his own idea about how MIDSD would function better. "Activities like systems development, planning, policy making, data resource management, along with overhead activities like budgeting, and training, can be more effectively performed at the Headquarters' level," says Stringer. "However, the overall management of the computer utility, and allied technical functions, will thrive and operate more efficiently away from the Headquarters' environment."

In MIDSD's case, away from the Headquarters environment means the National Computer Center at Research Triangle Park, North Carolina, directed by Sam Brown. Each of the RTP branches works with the computer centers: one operates them, and one plans for and buys new computers. The Data Center Branch, headed by Don Fulford, will continue its role of managing the National and Washington Computer Centers. The Computing Resources Branch combines the functions of the Major Acquisitions Office and the Planning, Analysis, and Research Branch to ensure a continuous flow of concepts, equipment, and services to the data centers. Mike Steinacher heads this branch, and his responsibilities also include keeping track of EPA's data center user requirements.

At Headquarters, a new branch was formed from a nucleus staff in the Personnel Management Division. As it starts up, the Production Systems Branch will operate the personnel management and contracts information systems, with other systems in MIDSD's parent office, the Office of Management and Agency Services (OMAS), to be considered for inclusion during the next year. Consultant Richard Nolan's observation that EPA had too widely dispersed organizational elements operating its systems has taken root in this change.

A second Nolan observation suggested the newly articulated theme of the Information Systems Development Branch. Nolan saw an overly high dependence on contractors, and noted that many feasibility
(Continued on Page 6)

COSTLE ESTABLISHES MONITORING STEERING GROUP

"A major milestone in EPA ADP management" is one description of the action taken recently by EPA Administrator Doug Costle. He has established a standing committee of key Deputy Assistant Administrators to oversee all Agency monitoring programs. They will establish policy on monitoring, information management, and information systems. The committee includes Walt Barber, Matt Bills, Marilyn Bracken, Swep Davis, Roy Ganse, Ed Hanley, Jeff Miller, and Al Morris, and is chaired by EPA Science Policy Advisor Dick Dowd.

Since January 1978, an in-house work group, the Select Committee on Monitoring, has been developing a plan for a carefully designed review of the full range of monitoring activities. It was formed to respond to criticism from the Office of Management and Budget that EPA collects too much data, the wrong data,
(Continued on Page 5)

ADP SECURITY
Marguerite L. Hall, Computer Specialist

This is the first in a series of four articles on ADP security. These articles are intended to give you some perspective on this relatively new and increasingly important topic. The first article focuses on aspects of data processing which make it inherently insecure. The second article examines concepts and terminology. The third article is by way of history. It describes Federal reactions to and actions on security problems. The final article covers EPA's recently developed Agencywide security program and our plans for staged implementation.

ADP'S LATENT INSECURITIES

Computer security, or to use the broader term "ADP" security, is a hybrid of computer science and industrial security. Industrial security is the field bringing you Brink's trucks, barbed wire, and closed circuit T.V. monitors. It's been around a long time. Computer science is a bit newer, but certainly seems to be well entrenched. The same can't be said for ADP security. It's only now beginning to emerge in its own right. What's surprising is how long it's taken to get recognition of the scope and importance of security in relation to both computers and the information systems that run them.

Not that there hasn't been a lot of bad press. There was the Pentagon fire that destroyed three complete computer systems. In 1972, the Susquehanna River flood destroyed thousands of dollars worth of Postal Service computer supplies and came within inches of floating $7.5 million worth of their computer equipment. There was the Equitable Funding scandal, the Riggs deposit slip slip-up, and the Mark Rifkin Russian diamond fraud. They've all made the Washington Post as well as Datamation. What I'm referring to is the understanding that ADP security is a broad discipline; that it covers denial of service as well as destruction of data centers, the loss of confidentiality as well as fraud, and the theft of computer time as well as the computer.

It seems so obvious that ADP is different and that its difference requires special care and handling. It's different because it's so terribly complex. It's different because its assets are so concentrated. It's different because many of its assets are intangible. It's different because it's so readily accessible.

Think about complex. The jargon alone is intimidating. There are coined words, initials, acronyms, terms borrowed from other fields, and inscrutable codes. For example, are you comfortable with nanosecond, cache memory, DBMS, S522, demand, multithreading, IBF2851, asynchronous, fiche, degausser, ECL, mode, LISP, inverted files, archiving, hex, host, RS232, and cursor? Have you worked your way through a system flowchart of late? How about understanding an equipment configuration diagram? If you've spent the last few years as a systems analyst, can you still log on?

The result is that no one, but no one, has a good grasp of the big picture as well as a detailed understanding of all the puzzle pieces. In contrast, all it takes is a little knowledge prompted by a little malice or avarice to wreak havoc. Not much skill is required to note a password tacked to the Snoopy calendar hung over your terminal. Stolen computer time has turned computer programming into a thriving cottage industry. Absolutely no skill is required for water from an overhead sprinkler to seek its own level, or a flash fire to find the forms supply, or a bulldozer to terminate your trunk line. Perfect knowledge is obviously a prerequisite to perfect protection, and that's just not the state of the art.

Next, think about concentrated assets. Never before has so much been so little. Thirty-two single-spaced pages become a box of punched cards. Five hundred and forty pages of printout are pictured on one microfiche. Thirty thousand pages become a magnetic tape. Forty thousand pages translate to a disk pack. I didn't attempt to calculate the number of pages that could fit on the head of a drum. So easy to walk out with. So easy to write over. So easy to destroy. There are cases of blackmail by employees who have exited with the only existing copy of accounts receivable, the only copy of customer lists, the only copy of the personnel records. Disgruntled tape librarians fill the literature with fascinating tales of external label swapping, methodical master file scratching, and systematic system catalog entry switching. Whole disk libraries have gone up in smoke and down in flames. Microchips have been bent, burnt, and burglarized. Punch cards have been poked, soaked, and otherwise mutilated.

Think about intangible assets. Information no longer sitting on ledgers, in out-boxes, and in file cabinets. Transactions that can't be followed from desk to desk and office to office. Money that never makes it to your wallet. ADP has transformed paper and pencil into binary bits of magnetic material placed on pieces of plastic. It's a new game, and new rules are needed for collecting and keeping and destroying invisible information. In the absence of rules, vital records expire, disks become garbage dumps, and sensitive information leaks. Audit trails are lost, turning detection of error or evil over to chance.

Now think about accessibility. Facilities are accessible. Hardware is accessible. Information is accessible. There are computers sitting in glass houses. There are facilities with literal welcome signs over the door and operating systems with virtual welcome signs. There are computers on flood plains and computers on fault lines. There are computers in tornado belts and computers in riot corridors. And then, best of all, if you have defalcation, fraud, embezzlement, espionage, or mischief in mind, there are computers with telecommunications. No cloaks. No daggers. No out of town travel required. All that's needed is a telephone, a terminal, and a little time. There, in the privacy of your own home, you can plumb the riches of your favorite data center. Need to know your competition? Or, how about the secret ingredients in a new drug, cosmetic, herbicide, or pigment? How about commodity prices, insurance claims, welfare lists, criminal records, medical histories, or tax returns? There are cases of stolen software, invented invoices, altered accounts and amounts, and bogus beneficiaries. The wrong to be wrought, thanks to today's telecommunications technology, is truly staggering.

It doesn't take much knowledge of Boolean algebra to understand that complexity "anded" with concentrated assets "anded" with intangible assets "anded" with accessibility equals trouble. And when you "and" all the above with absolute dependence on ADP, the equation can result in catastrophe. Picture Social Security without billions of binary bits, the Weather Bureau without its satellite signal digesting models, our air traffic controllers minus their CRTs, or the IRS calculating without its CPUs. In EPA, we are using ADP in planning and management, abatement and control, research and development, and monitoring and enforcement. We have tracking systems and compliance systems. We edit, converse, sort, merge, retrieve, update, model, text process, analyze, and project. We have major purpose timesharing facilities, nationwide telecommunication networks, minis and batch terminal sites, and low-speed terminals sitting in every continental state and Canada. If you will pardon some awful algebra mixed up with a little plagiarism from a popular song, what it all adds up to is this: the day the computers stop is the "day the music dies."


However, there's some good news too. As I noted in the beginning, ADP's special penchant for disruption, disclosure, and destruction is receiving some long-deserved attention. In fact, security has become big business. There are dozens of companies and several Federal agencies providing training courses, classes, briefings, tutorials, workshops, seminars, chautauqua, colloquia, and symposia. You can buy encryption software, auditing software, authentication and authorization software. You can buy shredders, degaussers, incinerators, and chemical decomposers. You can buy consultants, experts, advisers, and prophets. It's a rare edition of Computerworld that doesn't cover at least one data center disaster or computer crime caper. A quick scan of our trade's scholarly journals reveals that risk analysis, encryption, and security "kernelology" have usurped other compelling topics like data base, structured programming, networking, and minicomputers.

Of course, security has its very own lexicon of O.K. buzz words and concepts: hazard, risk, privacy, ROC, threat, exposure, vulnerability, sensitivity, ALE, contingency, safeguard, perpetrator, KSOS, etc. The terms have been lifted from physics, mathematics, engineering, psychology, sociology, and astrology. The second article in this series is an attempt to bring order to the terminology. The Federal Government is now in the act, thanks to Congress, GAO, OMB, GSA, and the Office of Personnel Management. That's Article No. 3. All Federal executive agencies have been directed to establish comprehensive security programs. EPA's program and our implementation are described in Article No. 4.

Hopefully, attention, direction, and technology can be translated into better built facilities, trusted software, reliable hardware, secure data, appropriate procedures, and, most importantly, concerned users. ADP security should be and can be a no-lose proposition.

WHO MAY USE EPA'S COMPUTER FACILITIES
Ernie Watson

There are about 2400 registered users of the two primary computer centers. This number fluctuates daily. Of those 2400, 1700 are users of the Washington Computer Center and 700 are registered to use the National Computer Center. The user community at the EPA data centers consists of EPA employees and their contractors, other non-EPA Federal employees and their contractors, and state and local government users. How, then, do these users gain access to the computer center?

The policy and procedure to become a registered user of either data center is the same. An EPA employee or EPA contractor must complete EPA Form 2800-3, specifying an EPA employee as Project Manager, obtain proper signatures, and forward the completed form to the Time Sharing Services Management Office. The Project Manager, in all cases, becomes responsible for the utilization of the account, which is why it is important that the Project Manager be an EPA employee.

Either computer facility and all services offered are available to any non-EPA Federal Government facility. The first step toward gaining access is the establishment of an Interagency Agreement (IAG). The policy, conditions, and mechanisms of controlled system utilization are defined in Chapter 7, Utilization of EPA Systems by Non-EPA Government Units, of the Automated Data Processing Manual. EPA Order 1610.1A deals with the development and administration of IAGs. Once the agreement is signed and effective, the procedure to access a computer center is as defined in the previous paragraph.

Congressional legislation, such as the Clean Air Act of 1970, the Federal Water Pollution Control Act of 1972, and the Safe Drinking Water Act of 1974, provides EPA with state program support grant authority. This authority is used to channel resources to the states so that they may implement the Federally-mandated programs. This, in short, means that EPA and the states may share the same computer system. In order for a state or local agency to gain access to a system, it must have a sponsor. This sponsor is either the EPA Regional Office that serves the state, a research laboratory, or a Headquarters element. Funding is through an Intergovernmental Cooperation Agreement between the state or local agency and the Regional Office, laboratory, or Headquarters office. This is made possible by the Intergovernmental Cooperation Act of 1968. More information is contained in Chapter 7 of the Automated Data Processing Manual, as well as OMB Circular A-97 and EPA Order 1610.1A. Access to the appropriate computer center is then gained through the submittal of a completed EPA Form 2800-3.
The deadline for contributions to the November/December issue of EPA Data is October 31, 1979.

WCC HIGHLIGHTS
Maureen Johnson

• MVS Conversion. The MVS/TSO/WYLBUR system has been available for user conversion activities since the first of September. The MVS system is running on one processor, while the MVT/ALPHA system continues to be available on the other processor. Users are kept informed of conversion progress as well as problem status through on-line NEWS ALERTS, user meetings and conference calls, and through the MVS Conversion Assistance Team. Conversion of several production systems is nearing completion, and many users are taking advantage of improved response and turnaround under the MVS system.

• WCC Project Officer. Curt Lackey recently accepted a position with the Office of Toxic Substances. We will miss Curt's initiative and expertise in providing guidance to the WCC Project. Maureen Johnson will be acting Project Officer until the position can be filled.

• ZBB on AS-5. Contingency plans are being finalized to provide ZBB-dedicated service on the COMNET Commercial AS-5 system during October and November 1979. ZBB has been satisfactorily using the Commercial AS-6 system during the past several months.

• Hurricane David. Although not as severely as other locations, the WCC facility suffered effects of the remnants of Hurricane David as it passed through the Washington, D.C. area during the second week of September. An interruption in the electrical supply from the local utility, which lasted in excess of four hours, not only caused the immediate loss of the 3032 system, but also the subsequent failure of the 370/168, which is protected from short (15 minute) failures by an Uninterruptible Power Supply (UPS) system. The UPS, which is essentially a series of batteries, prevented extensive damage to some of the hardware devices. If subjected to the surges and drops of commercial power, this hardware would most likely have been severely affected. However, as the UPS system does not protect all devices, several of the components did suffer the aftereffects of burned or weakened circuit boards. Comprehensive diagnostic tests were run to ferret out any weaknesses for correction.

NCC HIGHLIGHTS
Tom Rogers

• An additional Uninterruptible Power Supply (UPS) system has been procured to support the upcoming Sperry Univac expansion.

• The ceiling and lights are installed at the NADPSC building expansion. New electrical transformers to supply in excess of 2000 kVA of power to the expanded facility were installed the last week of September.

• System stability has been excellent at the Univac Data Center for the past several months.

• As of August 20, 1979, the NCC Computer System is available to users at 7:30 a.m., Eastern Standard Time, instead of 8:00 a.m. This new start time was implemented in order to provide service to EPA personnel under the newly implemented "Compressed Work Schedule."

COSTLE (Cont. from Page 1)

or data which is unreliable. The committee has been studying ways to prevent redundancy of monitoring programs, to manage monitoring, and to plan for the long term. Much of the committee's work led to the establishment of the DAA Committee. The Committee will report to Costle at least quarterly on their activities:

• An improved planning mechanism for ADP;
• A mandatory quality assurance program;
• Development of a monitoring strategy;
• Review of data collection activities for consistency, redundancy, and utility;
• Formal audits of every major monitoring program once every three to five years.

In a September 18 memorandum, Costle states, "I am directing the DAA Committee to establish a communication channel with all EPA offices with a strong interest in monitoring and information management... This communication should include issuance of a series of monitoring and information management policy memoranda." It has been obvious to many EPA data processing professionals that ADP has seldom received top management attention. The DAA Committee will clearly remedy that problem.


STRINGER (Cont. from Page 1)

studies of requirements analyses failed to result in the creation of new systems. Although MIDSD has always had some role in applications systems development, it has in the past been mostly a passive one, heavily dependent on contractor expertise. The new branch will be augmented with eight new positions taken from within OMAS during the ZBB process. Contractors will continue to have an important role in the development cycle, but the eight staff added to the three which MIDSD had heretofore devoted to the function will be of more substantial assistance. Morris Yaguda will head the new branch. "Recruiting is underway for these positions, and applications from within EPA are especially welcome," states Morris. "We are looking for systems analysts in Grades 11-14."

Nolan has also recommended adopting a "top down" ADP planning strategy which links EPA's overall mission plans to plans for ADP applications and data resource support. Planning and budgeting, data resources management, and ADP policy will now find a home in the Information Resources Management Branch headed by Ken Byram. Other functions of the new branch include procurement approval coordination, training, and security. The planning function is especially important, responding to a GAO observation that although EPA spends nearly $50 million annually on data processing, much of it is spent in the absence of an overall plan. The staff will also support the DAA Committee on Monitoring and Information Management.

UNITED STATES ENVIRONMENTAL PROTECTION AGENCY
National Computer Center
Research Triangle Park
North Carolina 27711
OFFICIAL BUSINESS
PENALTY FOR PRIVATE USE $300
AN EQUAL OPPORTUNITY EMPLOYER
POSTAGE AND FEES PAID
U.S. ENVIRONMENTAL PROTECTION AGENCY
EPA-393
