c:\documents and settings\fakhri o\my documents\2 professional files\omar matic\the invention (open...
TRANSCRIPT
1
CD Lifecycle & Data Spill Solutions
Omar J. Fakhri
Ph: (727) 505-4701
2
Overview• Need• Scalable Solutions
– Phase I Cradle-to-Grave Lifecycle CD Tracking; a. Authenticate & Issueb. Authenticate & Transferc. Authenticate & Destroy
– Phase II Secure Storage Of CDs– Phase III Spill-Resistant Network With Bar-coding
a. General User Desktopsb. Communal desktops with Same-Level CD burningc. Five-Step Process for High-Low Data Transfer
• Wrap up
3
FBI Strategic Objective: IVA.1 Protect the FBI from compromise of its employees. “Security and counterintelligence professionals generally agree that the most significant threat to an organization’s internal security is betrayal by a trusted insider.” (Page 84)
The Webster Commission’s Report
“…The FBI should study the feasibility of bar coding particularly sensitive classified material, such as asset files, to facilitate control and tracking.” (Page 78)
4
Phase I Cradle-to-Grave Lifecycle CD Tracking
• Phase I a. Authenticate & Issue • Phase I b. Authenticate & Transfer• Phase I c. Authenticate & Destroy
5
Barcode Printer
Technology Blending For Cradle-to-Grave Lifecycle Tracking of Recordable Media (CDs) Phase I Components:
CAC Badges & Readers
TS
S C
U SCI
Pre Bar-coded (blank) CDs
Barcode Readers
NSA Certified CD Destroyers
Optional Receipt Printing
a. Authenticate & Issueb. Authenticate & Transferc. Authenticate & Destroy
CD Vending Machines
Kiosk #11
6
Profile: John Doe (TS)
Recipient
Owner Custody4/18/10 09:021-86463U39
1-387611-764893-852883-85280
4-13899
Serial
Number
Owner Custody7/28/10 11:00S11Owner Custody8/1/10 17:00C11
8/1/10 19:03
5/9/10 13:31
4/13/10 16:44
Date
Issued
Owner Custody
Owner Custody
Owner Custody
Status
(T, D, S, OC) T,D,S Date TS27
Kiosk
Number
CD
Class
Kiosk
Number
32
11
U
S
TS
S C
U
Phase I a.Authenticate & Issue
SCI
Authenticate
Issue
Track
T -TransferredD - DestroyedS - Stored (Phase II)OC - Owner Custody
Kiosk #11
Disallows Issue to personnel without
appropriate clearance
7
Phase I Cradle-to-Grave Lifecycle CD Tracking
• Phase I a. Authenticate & Issue • Phase I b. Authenticate & Transfer• Phase I c. Authenticate & Destroy
8
TS
Profile: John Doe (TS)
Col. Smith
Recipient
4-13899
Serial
Number
4/13/10 16:44
Date
Issued
Transferred
Status
(T, D, S, OC)
9/12/10 13:10
T,D,S Date
11TS27
Kiosk
Number
CD
Class
Kiosk
Number
Phase I b.Authenticate & Transfer
TS
Authenticate Ownership Eligibility/Acceptance
(Yes/No)Authentication
Loos
er R
ecei
pt
Gai
ners
Rec
eipt
Transfer CompleteHardcopy Printed (Optional)
Profile: Col Smith (TS-SCI)
Recipient
4-13899
Serial
Number
9/12/10 13:10
Date
Issued Owner
Custody
Status
(T, D, S, OC) T,D,S Date
TS11
Kiosk
Number
CD
Class
Kiosk
Number
Kiosk #11
Disallows transfers to Personnel without
appropriate Clearance
9
Phase I Cradle-to-Grave Lifecycle CD Tracking
• Phase I a. Authenticate & Issue • Phase I b. Authenticate & Transfer• Phase I c. Authenticate & Destroy
10
Phase I c.Authenticate & Destroy
Authenticate Ownership
Profile: John Doe (TS)
Col. Smith
Recipient
119/15/10 13:10Destroyed4/18/10 09:021-86463U39
1-387611-764893-852883-85280
4-13899
Serial
Number
119/15/10 13:10Destroyed7/28/10 11:00S11119/15/10 13:10Destroyed8/1/10 17:00C11
8/1/10 19:03
5/9/10 13:31
4/13/10 16:44
Date
Issued
Destroyed
Custody of Owner
Transferred
Status
(T, D, S, C)
9/15/10 13:10
9/12/10 13:10
T,D,S Date
11TS27
Kiosk
Number
CD
Class
Kiosk
Number
32
11
U
S
11
Kiosk #11
Disallows & Alerts when inappropriate Clearance or
“ownership” is detected
11
Profile: John Doe (TS)
Col. Smith
Recipient
119/15/10 13:10Destroyed4/18/10 09:021-86463U39
1-387611-764893-852883-85280
4-13899
Serial
Number
119/15/10 13:10Destroyed7/28/10 11:00S11119/15/10 13:10Destroyed8/1/10 17:00C11
8/1/10 19:03
5/9/10 13:31
4/13/10 16:44
Date
Issued
Destroyed
Owner Custody
Transferred
Status
(T, D, S, OC)
9/15/10 13:10
9/12/10 13:10
T,D,S Date
11TS27
Kiosk
Number
CD
Class
Kiosk
Number
32
11
U
S
11
Wrap-up Phase I Authenticate & Issue/Transfer/Destroy
Benefits
• Full lifecycle accountability
• Spot-checks & Tripwires
• Prevents Unauthorized Possession
• Leverages/blends Existing Technology
• No Classified is actually accessed/read
Kiosk #11
12
Phase II Storage
13
Phase II - Technology Blending For Secure CD Storage
TS
S C
U SCI
Bar-coded (blank) CDs
Same Components From Phase I
SU#22
Gutted (Stackable)
CD Drives
+
14
Optional Receipt Printing
Phase IIAuthenticate & Store
TS
Authenticate Ownership
Opens appropriate gutted CD slot in stack
TS
S
C
SU#22
Owner Custody
9/12/10 13:104-13899TS11
Profile (TS-SCI)
SU#22
Recipient
4-13899
Serial
Number
Date
Issued
Stored
Status
(T, D, S, OC)
9/12/10 14:15
T,D,S Date
TS
Kiosk
Number
CD
Class
Kiosk
Number
15
Wrap-Up Phase IIAuthenticate & Store
TS
TS
S
C
SU#22
Owner Custody
9/12/10 13:104-13899TS11
Profile
SU#22
Recipient
4-13899
Serial
Number
Date
Issued
Stored
Status
(T, D, S, OC)
9/12/10 14:15
T,D,S Date
TS
Kiosk
Number
CD
Class
Kiosk
Number
Benefits
• Inventory accountability
• Spot-checks & Tripwires
• Prevents Unauthorized Possession
• Leverages/blends Existing Technology
• No Classified is actually accessed/read
16
Phase III
Spill-Resistant Network
17
Phase IIISpill-Resistant Network
All CD Readers and CD Writers Require Barcode Reader to Access Drive
a. General User Desktop CD Readers Integrated With Barcode Reader
b. Communal Desktops with Same-Level CD Burners
c. Centralized High-Low CD Burner Process
a., b., & c. should be deployed together
18
Phase III c. Centralized High-Low CD Burner Process (Only CD Drives that can operate without a Barcode Reader)
Phase III b. Communal Desktops with Same-Level CD Burners
Phase III a. General User Desktop CD Readers Integrated With Barcode Reader
Spill-Resistant Network Topography
Works on both thin-client and client-server environments
CD Readers Only
Same Classification CD Writers Only
19
User scans barcode on CD to access CD drive. The first digit of the Serial Number (SN) determines if drive can be accessed. Example:
Unclassified systems with CD Readers will NOT mount CDs with SNs beginning with # 2 or higher
Confidential systems will NOT mount CDs with SNs beginning with 3 or higher
Secret systems will NOT mount CDs with SNs beginning with #4 or Higher. Etc…
Prevents the reading of CDs that are classified higher than the system (data spill)
Phase III a.General User Desktops CD Readers Integrated With
Barcode Reader
Kiosk #11
CD Readers Only
Introduction of “Foreign” CDs?Use Barcode Printer
20
User must scan barcode on CD to access CD Bruner. The first digit of the Serial Number (SN) determines if drive can be accessed. Example:
Unclassified systems with CD burners will only mount CDs with SNs beginning with #1
Confidential systems will only mount CDs with SNs beginning with #2
Secret systems will only mount CDs with SNs beginning with #3. Etc…
Prevents Users writing data to incorrectly marked blank CDs
(data spill waiting to happen)
Phase III b. Communal Desktops with Same-Level CD Burners
21
Privileged User emails (low side) sanitized file to user
User Uploads File to High-Side SharePoint
System generates Ticket
Privileged User from pool uses “Integrity” (aka Dirty word search & Secure Copy) to burn file(s) to unclassified (Green) CD
Air Gap/Sneaker Net
1Upload
2Track
4Secure
Transfer
3Verify
5Deliver &
Close Ticket (Step 2)
Phase III c. Centralized High-Low CD Burner Process
22
Wrap-UpPhase I Cradle-to-Grave Lifecycle CD Tracking Phase II Secure StoragePhase III Spill-Resistant Network With Bar-coding
Kiosk #11
23
Benefits• Provides Scalable lifecycle Cradle-to-Grave tracking of CDs
• Fully Automated
• Custody Transfers
• Employee out-processing flagging lost data
• Prevents unauthorized possession and secure Storage
• Facilitates Trend Analysis
• Facilitates secure High-Low Data Transfers & Prevents Data Spills
• Never actually “Reads” Classified Data
• Blends Existing COTS Technology
• Adds “Depth” to existing cybersecurity capabilities - keeping data secure even after it leaves the network.
24
The Webster Commission’s Report
“For instance, an information system auditing program would surely have flagged Hanssen’s frequent use of FBI computer systems to determine whether he was the subject of a counterintelligence investigation.” (Page 4)
“Over twenty-two years and more than forty passes, Hanssen turned over to Soviet and Russian intelligence an estimated twenty-six diskettes and 6,000 pages of classified information.” (Page 16)
“…over seven years ago, the CIA IG concluded that Aldrich Ames’ access to computer “terminals that had floppy disk capabilities represented a serious system vulnerability’.” (Page20)
However, if you control the “vehicle” or medium of how information “walks out” of your facility you reduced the insider threat by denying the traitor the medium to do it with.
Omar J Fakhri
25
The following 6 slides are a copy of the Narrative (Word doc) also
located on this website
26
The Omar-Matic, The Omar-ized Network, Omar-ized CD writers/readers, the Barker BoxBRIEF DESCRIPTION OF THE INVENTION: The Omar-Matic provides the full lifecycle (cradle-to-grave) tracking of CDs. It’s intended to be used in environments, such as the Intelligence Community (IC) where users, in certain circumstances must, for whatever reason, remove data from a system or network. When this happens the most common mode is to burn a CD. However, within the IC, and dealing with national security information such as SCI, Top Secret, Secret, Confidential or even Sensitive Unclassified data, such as PII, brings on major security challenges because… once any data leaves the confines of a “System boundary” and goes onto any removable media it becomes subject to loss or theft (Insider Threat).
This is where the Omar-Matic comes in. The Omar-Matic blends existing Commercial Off The Shelf (COTS) technology in such a manner to facilitate the full lifecycle tracking of all CDs. The COTS technology used in this concept are as follows:Bar-coding of CDsBarcode readers and printersDVD kiosk vending machines such as “Red Box”Common Access Control (CAC) badging technology and equipmentNSA approved CD Shredders.Receipt printers Actually, the Omar-Matic has three distinct concepts. The first one blends the use of all the aforementioned COTS technologies into a single package or “kiosk”. Ideally, there would be numerous such kiosks strategically/conveniently located within a major IC facility such as the Pentagon or the J. Edger Hoover Building.
PHASE-IHere’s how it works, users would use their CAC Badge to get a blank pre-labeled CD from the Omar-Matic CD dispensing kiosk. This concept capitalizes on the fact that the CAC badge system already “knows” this person’s security clearance and level of access. Therefore, the kiosk would only issue blank CDs up to the security level that the person is cleared for. For instance, if a person only held a Secret clearance then the kiosk could ONLY issue that person any blank CD marked at Secret or below and it would disallow the issuance of TS or SCI CDs. Also, the CAC badging system would track how many blank CDs, the classification level, even the time/date, and the specific kiosk a particular CD came from. This running tally can be extremely useful when its time for the individual to leave the organization (out process), or if the Chief Security Officer (CSO) needed to conduct a random spot-check to ensure proper stewardship of sensitive CDs. This kiosk also facilitates and records the transfer of CD ownership between individuals. Since the system knows the classification of the CD, and the clearance of the recipient, it will not allow a custody transfer to a recipient with an inadequate clearance. Okay, so the Omar-Matic can issue blank CDs and it can record the custody transfer between owners. What about the imminent destruction of the CD?
27
The Omar-Matic kiosk is actually conjoined with an NSA-approved CD shredder and, after proper authentication; it will securely destroy the CD. However, it will not allow the destruction of someone else’s CDs. Moreover, it will notify the CSO of any unauthorized possession, here’s how. Let’s say Sgt Jones, who has a TS clearance, gives Private Smith, who only has a Secret clearance, a TS CD and tells her to go to the kiosk to destroy it. When Private Smith gets to the kiosk the first thing she must do is scan the barcode on the CD. At this point, the system will recognize that the true owner is, in fact, Sgt Jones. The system will then ask for the Badge & PIN of the person attempting to destroy the CD. If Private Smith authenticates herself the system will not destroy the CD but, instead, send an alert to the CSO that a security breach has occurred. Essentially, Private Smith has custody of data that exceeds her clearance.
The kiosk will also print barcode stickers to accommodate “foreign” CDs which originated from outside the Omar-Matic system. Users would affix barcode stickers to foreign CDs so they can be tracked. This is especially important if they contain sensitive data. Of course, not all foreign CDs are sensitive and require tracking but all should be barcoded. That said, the 100% barcoding policy is NOT “required” unless the customer intends to implement Phase-III.
Some of the benefits are:●The CDs are pre-marked as per Executive Order 12958 which, to a large degree, takes the onus off the end user●Provides full cradle-to-grave accountability of all CDs●Visibility on usage, time in service (from issuance to destruction), high volume users (threats)●It forces users to destroy CDs when they are no longer needed (reduce risk)●The Omar-Matic is totally unclassified since it can only read data (barcodes) from the non-business side of the CD. User or “classified” data is never accessed. ●Should someone discover an abandoned CD, for example one inadvertently left in a bathroom, that person could take it to the closest kiosk to scan the barcode which would immediately reveal the registered owner. ●Enforces personal stewardship and accountability of all removable CDs. ●Uses a Phased approach and builds upon the success of previous Phases.
Building a prototype of this kiosk should be inexpensive. The hardest part would be integrating it with existing industry standard CAC authentication systems. Consequently, early prototypes should probably use an independent token similar to the keychain-size consumer loyalty tokens that retailers use at the checkout. Note: RF keychain-sized tokens could work but would probably add unnecessary complexity, especially for initial prototypes. There are many other options to explore in this area, such as fingerprint reader (biometric) technology.
What this first concept does NOT deal with is where CDs are actually stored, especially when you are talking about SCI, TS, and Secret data. This is where the second concept comes in.
For now, I believe that this is as far as a potential developer needs to go (Phase-I) to develop a product/prototype that would;1. Achieve “Proof-of-concept” and 2. Win the acceptance of the IC (sellable).
However, as any successful retailer (aka Wal-Mart) will attest, once you have an “automated” method of tracking property it opens the door for many other interesting possibilities.
28
PHASE-IIThe second concept (Phase-II) of the Omar-Matic is referred to in the original patent application as “The Barker Box”. The Barker Box uses most of the COTS technology mentioned above. Like the aforementioned kiosk, this device uses a barcode scanner, authentication appliances, and PIN but it’s also married to a “Stack” of gutted (minus the mechanism that allows it to read data) CD drives.
Upon user authentication, the Barker Box will open (eject) the door to one of the empty and “gutted” CD drives within the stack. The user would use this vacant slot to “store” a CD – essentially a safe of sorts. Internally, the gutted CD drive would then verify that the CD with that identical barcoded serial number is, in fact, stored within. Again, only the non-business side of the CD is read.
As with the aforementioned kiosk, the database would reflect the current status of that particular CD, which is… secured in the Barker Box. Moreover, this system would track when the CD was removed, by whom, for how long (threat), and how often (threat). The Barker Box takes CD accountability to the next level but there are many other benefits that will be included in my business plan should a developer or the Government decide to give it a green light.
PHASE-IIIThe third concept (Phase-III) of the Omar-Matic is referred to in the original patent application as the Omar-ized Network and Omar-ized CD Readers and Writers. I concede that my choice of naming conventions was a tad unfortunate. Consequently, I’m now calling this concept the “Spill-Resistant Network” and “Spill-Resistant Drives” which is more descriptive and way less cheesy. Anyway, the concept of this network is based on the principal that all the CD readers on the network will NOT mount any CD that’s not “appropriately” barcoded. This concept “forbids” any CD “known” to be classified at too high a level from ever being mounted in the first place. It’s important to understand that data spills are, as the name would imply, committed unintentionally - by humans. Moreover, spills cause damage and must be “cleaned up.”
However, the really clever part of this concept is the use of the Bell-La Padula security model to setup the barcode Serial numbering scheme for all CDs used on the network. Essentially, on an Omar-ized network all unclassified CD serial numbers will start with the number one (#1). Confidential CDs will start with the number two (#2) and Secret CDs will start with the number three (#3) so on and so fourth. It is important to note that the specific serial coding scheme doesn’t really matter as long as it’s associated with a security classification level. For instance, you could even use letters (U, C, S, TS, SCI) in the serialization of the CDs.
Omar-ized CD readers shall be setup to reflect the security classification of the network. If it’s a Secret network then all the readers are setup to disallow the mounting of any Top Secret or higher CD. Simply put, if the serial number begins with a four (Top Secret) or higher the CD can NOT be mounted on the drive (disallowed). This eliminates the inadvertent introduction of TS or higher data from contaminating (spillage) the Secret network. When you combine this with a strict “NO Thumb-drive policy” (like many IC agencies do anyway) you greatly reduce the chance of a data spill.
29
Similarly, the Omar-ized CD writers operate on the very same Bell-La Padula security model. Moreover, when combined with the aforementioned barcode serial numbering scheme, it actually prevents data from being written (burned) to incorrectly labeled CDs, which is a data spill waiting to happen.
Of course, there are times when personnel in the IC must “migrate” data from a system of a higher classification down to a system of a lower classification. This is a process is fraught with risk and must only be done under tightly controlled processes by trained and competent personnel. Such a process usually involves what as known in the industry as an “air-gap” or “sneakernet.” Like other subtle nuances associated with the Omar-Matic, my process to migrate system high data down to a system of a lower classification has also evolved. All these evolutions I recorded in my “inventor’s notebook”. On an Omar-ized network only “privileged users” would have the access to regular (non-Omar-ized) CD writers which would be the ONLY machine(s) that would allow High-low data transfer. However, I have since devised a process to facilitate this High-Low transfer and here’s how it works.
Let’s assume the entire network is classified Secret and a user on that network has an unclassified Word file that they need to email to someone on the internet (unclassified). On the Omar-ized network there would be a webpage (SharePoint would work fine) where the user would upload the aforementioned file. Obviously, the user would then have to populate some typical data fields such as the urgency (priority) of the request. A “Ticket” is then automatically generated and someone from the pool of “privileged users” is notified. The privileged users should be trained and equipped (non-Omar-ized CD writers) to migrate the data from the Secret system down to an unclassified CD which is then “air-gapped” to an unclassified internet terminal. The privileged user would then email (on the internet) the word file to the general user who could then confidently forward it on to whomever they need to.
25 Assumptions: •The IC (or for that matter wider industry) uses removable media, for whatever reason, to transfer data from one system to
another.•Removable media is used to fulfill a need to transfer data from one system to another.•Removable media isn’t going away anytime soon – or at least until “cloud computing” comes to fruition. Even then, would
it be too risky for the IC?•Removable media is susceptible to being lost or stolen (risk)•A trusted insider (Robert Hanssen) would exploit unmonitored/uncontrolled removable media to get data off of a system
and out of a secure facility.•When data is on a system it is “secure” up to the level of protection afforded (accredited) to that system but once the data
is transferred to any removable media it is less secure. •Once a CD is “written to” (at least the ones we’ll be using) it is then “closed out” and can no longer be written to again
(one-time shot) whereas thumb-drives written to repeatedly. •Removable media is temporary, and to that end, the assumption is that… it will (or should), eventually be destroyed - if not
think Barker Box.•When someone obtains a blank CD, either from an Omar-Matic kiosk or their communal office supply cabinet, the intent is
to (sooner or later) actually write data to it. Essentially, no one obtains a blank CD to use it as coaster for their coffee cup.
30
1. If someone obtains a CD marked Secret they intend to write at least some Secret data to it. 2. IC system users know the importance of correctly marking/labeling any electronic media which contains National Security
Information (EO 12958).3. When using regular blank CDs (not the pre labeled blanks) system owners are relying on users to correctly label (SF 707
(1-87) etc.,) the media. Consequently, system owners must accept the risk that the media might be mislabeled or remain unlabeled due to human error.
4. If you discover any removable media marked classified (Secret, TS, etc.) one must “assume” that it has classified data on it and… you must take appropriate measures to “secure” that CD until its status can be confirmed.
5. A lost CD could actually cause more damage than a lost laptop. 6. If someone loses a laptop the assumption is that they’ll be “found out” however, if someone loses an unaccounted for CD
they’d just burn another. CDs only cost about 32 cents each. 7. No on knows how many CDs are burned in the government and industry or if they are incorrectly disposed of.8. If we build a working prototype and allow a Government customer to pilot such a contraption they’d love it!9. Users would accept this concept since all the technology (barcode scanning, vending machines, ect.) is woven into our daily
personal lives. Also, subconsciously, vending machines are associated with pleasure (ATMs, DVD rental, candy, soda, condoms)
10. The Omar-Matic will NOT completely prevent a highly motivated trusted insider from removing the media from the facility and copying it while in the parking lot and then quickly returning the CD to avoid detection. However, if you dovetail RF tagging between Phases II and III and… if you monitor the time between when it’s pulled from the Barker box to when it’s mounted onto an Omar-ized CD Reader (and vise versa) this “residual” risk can be mitigated too.
11. The Omar-Matic will NOT completely stop all data spills, lost media, thwart all trusted insiders or cure world hunger. However, it will improve CD stewardship and impose personal accountability of all CDs used on the network and make it harder for a trusted insider to steal.
12. The Omar-Matic places no additional administrative burden on end users only that they correctly store, transfer, and destroy all the CD’s they use - the logging of those three activities is recorded automatically.
13. Since the entire system is unclassified, full system management, i.e. trend analysis, chronological tripwires, inventory restocking, user out processing, etc., could in fact, be done remotely by a the vendor (which would be us) making the CSO completely unburdened by this new process (think entirely new service industry – a niche market perhaps?)
14. If the customer decides to go “whole-hog” on Phase-I we may want to engineer a transition period. This period could involve a “CD amnesty box” to capture orphaned, unlabeled, mislabeled, and unloved “mystery” CDs. This would also give the organization an opportunity to start from ground zero. Interestingly, close scrutiny of the amnesty CDs may further reveal the scope of a previously unrealized problem and further justify wider use of this product.
31
• The FBI will need more CD writers. On April 1, 2010 at an “FBI Employee Town Hall meeting” in front of a packed audience the FBI Director Robert S. Mueller, III stated, “we will buy more CD writers”. I know this because my Supervisor (Mike Simmons) and I were in that audience when the Director said it.
• The Webster Commission actually meant what they said on page 78 of their report “…The FBI should study the feasibility of bar coding particularly sensitive classified material, such as asset files, to facilitate control and tracking.”
Essentially, most cyber-security warriors are focused on DMZs, IDS’, firewalls and all that geeky stuff. I concede that stewardship of removable media isn’t sexy but should be viewed as fundamental to a robust and holistic cyber-security solution. Simply put, what good are all the router patches, port scans, and red teaming if Robert Hanssen can waltz out the front door with a wallet full of CDs?
Stewardship & accountability matters and I believe that this will separate a potential developer/cyber-security company from the rest of the pack. This innovative approach to removable media stewardship can showcase our deeper appreciation of cyber-security challenges.
Omar J. Fakhri (Inventor) 727-505-4701
32
Pulling it all together
The NSA approved SEM Model 1200 CD-ROM Declassifer about $5K https://www.semshred.com/contentmgr/showdetails.php/id/54
Barcode reading equipment. Symbol MK1100 Self-Service Micro Kiosk Item No.:
MK1100 List price: $1,305.00 http://www.scanonline.com/mk1100.html
There’s tons of vending machine makers who make to order http://www.seagamfg.com/custom.html http://www.teleasy.com/quikflikweb1.asp
Prototype Productions, Inc. http://www.protoprod.com/
HID is the access badge system currently in use by the FBI http://www.proximitycards.com/
http://www.geindustrial.com/ge-interlogix/products/access/HID.html
The supplier of Govt. CD’s who’d have to put the barcode serial number on the CD’s http://www.at-ease-inc.com/atease.html
33
The Webster Report“Much of Robert Hanssen’s espionage involved compromising FBI document security by photocopying or downloading classified material and carrying it out of Bureau facilities. Thefts by a trusted employee entitled to read most of what he stole are difficult to prevent, short of invasive searches.” (Page 73)
“It is impossible to determine the number of classified documents the FBI receives, generates, and handles each year because production and copying of Secret documents are not regulated.” (Page 74)
“The FBI imposes no physical controls on disseminating and copying most categories of classified material within FBI space” (Page 76)
“FBI manuals should establish a time limit for maintaining working copies of classified documents so that managers can better monitor retention of copies... The FBI should study the feasibility of bar coding particularly sensitive classified material, such as asset files, to facilitate control and tracking.” (Page 78)
34
The Webster Report“Much of Robert Hanssen’s espionage involved compromising FBI document security by photocopying or downloading classified material and carrying it out of Bureau facilities. Thefts by a trusted employee entitled to read most of what he stole are difficult to prevent, short of invasive searches.” (Page 73)
“It is impossible to determine the number of classified documents the FBI receives, generates, and handles each year because production and copying of Secret documents are not regulated.” (Page 74)
“The FBI imposes no physical controls on disseminating and copying most categories of classified material within FBI space” (Page 76)
“FBI manuals should establish a time limit for maintaining working copies of classified documents so that managers can better monitor retention of copies... The FBI should study the feasibility of bar coding particularly sensitive classified material, such as asset files, to facilitate control and tracking.” (Page 78)