COMPUTER SECURITY ACT OF 1987 HEARINGS BEFORE A SUBCOMMITTEE OF THE GOVERNMENT OPERATIONS HOUSE OF REPRESENTATIVES ONE HUNDRETH CONGRESS FIRST SESSION ON H.R. 145 TO PROVIDE FOR A COMPUTER STANDARDS PROGRAM WITHIN THE NATIONAL BUREAU OF STANDARDS, TO PROVIDE FOR GOVERNMENTWIDE COMPUTER SECURITY, AND TO PROVIDE FOR THE TRAINING IN SECURITY MATTERS OF PERSONS WHO ARE INVOLVED IN THE MANAGEMENT, OPERATION, AND USE OF FEDERAL COMPUTER SYSTEMS, AND FOR OTHER PURPOSES FEBRUARY 25, 26, AND MARCH 17, 1987 Printed for the use of the Committee on Government Operations 76-612 U.S. GOVERNMENT PRINTING OFFICE WASHINGTON: 1987 For sale by the Superintendent of Documents, Congressional Sales Office COMMITTEE ON GOVERNMENT OPERATIONS JACK BROOKS, Texas, Chairman JOHN CONYERS, JR., Michigan STEPHEN L. NEAL, North Carolina ROBERT E. WISE, JR., West Virginia GERALD D. KLECZKA, Wisconsin MATTHEW G. MARTINEZ, California DAVID E. SKAGGS, Colorado FRANK HORTON, New York JIM LIGHTFOOT, Iowa BEAU BOULTER, Texas DONALD E. “BUZ” LUKENS, Ohio ERNEST L. KONNYU, California CONTENTS Baldrige, Malcolm, Secretary, Department of Commerce. Beilenson, Hon. Anthony C., a Representative in Congress from the State of California, and chairman, Oversight and Evaluation Subcommittee, Permanent Select Committee on Intelligence Berman, Jerry J., chief legislative counsel, American Civil Liberties Union, accompanied by Alan Adler, legislative counsel. Biddle, A.G.W. "Jack," president, Computer and Communications Indus- Brooks, Hon. Jack, a Representative in Congress from the State of Texas, and chairman, Legislation and National Security Subcommittee: Open- Brown, Clarence J., Deputy Secretary, Department of Commerce, accom- panied by Raymond Kammer, Jr., Deputy Director, National Bureau of Courtney, Robert H., Jr., president, Robert Courtney, Inc deGraffenreid, Kenneth E., former Special Assistant to the President for National Security Affairs..... Drake, Miriam A., director of libraries, Georgia Institute of Technology, Atlanta, GA, representing the Association of Research Libraries....... English, Hon. Glenn, a Representative in Congress from the State of Oklahoma, and chairman, Government Information, Justice, and Agri- Fisher, Louis, Specialist in American National Government, Congression- al Research Service, Library of Congress Fuqua, Hon. Don, former Representative in Congress from the State of Florida, and former chairman, House Committee on Science and Tech- Helsing, Cheryl W., chairman, Data Security Committee, American Bank- ers Association, and vice president for corporate preparedness and Kahn, Dr. David, author, "Codebreakers," and coeditor, Cryptologia mag- 127 Latham, Donald C., Assistant Secretary of Defense, Command, Control, Communications, and Intelligence, Department of Defense. Miller, Stuart J., president, Software AG of North America, Inc. Odom, Lt. Gen. William E., Director, National Security Agency, and Chief, Central Security Service, Fort George G. Meade Park, Dr. Robert L., director, Office of Public Affairs, American Physical Poindexter, Rear Adm. John M., former Assistant to the President for National Security Affairs, accompanied by Richard W. Beckler and Richardson, John M., chairman, Committee on Communications and In- formation Policy, Institute of Electrical and Electronic Engineers.............. Page Statement of-Continued Simpson, Jack W., president, Mead Data Central, Inc., Dayton, OH, repre- Socolar, Milton J., Special Assistant to the Comptroller General, U.S. Taft, William, IV, Deputy Secretary, Department of Defense Weingarten, Frederick W., Program Manager, Communication and Infor- Letters, statements, et cetera, submitted for the record by: 324 55 429 160 231 Beilenson, Hon. Anthony C., a Representative in Congress from the State 81-108 369-377 Biddle, A.G.W. "Jack," president, Computer and Communications Indus- et cetera... 301-302 February 23, 1987, letter from the National Security Council declin- February 23, 1987, letter from the National Security Council declin- 54 51 386-389 Statement of Secretary of Commerce Malcolm Baldrige, February 19, 221-225 Statements from Electronic Data Systems Corp., Technical College, Pendleton, SC, and Aetna Life & Casuality supporting H.R. 145.... 73-76 Brown, Clarence J., Deputy Secretary, Department of Commerce: Prepared statement... 205-217 Submissions to Chairman Brooks' questions. 226-227 Courtney, Robert H., Jr., president, Robert Courtney, Inc.: Prepared statement 317-321 deGraffenreid, Kenneth E., former Special Assistant to the President for National Security Affairs: Prepared statement... 407-411 Drake, Miriam A., director of libraries, Georgia Institute of Technology, Atlanta, GA, representing the Association of Research Libraries: Prepared statement. 184-197 24-36 English, Hon. Glenn, a Representative in Congress from the State of 44-47 Helsing, Cheryl W., chairman, Data Security Committee, American Bankers Association, and vice president for corporate preparedness and information security, BankAmerica Corp: Prepared statement....... 116-123 Page Letters, statements, et cetera, submitted for the record by-Continued Kahn, Dr. David, author, “Codebreaker,” and coeditor, Cryptologia magazine: Prepared statement.. 131-134 Latham, Donald C., Assistant Secretary of Defense, Command, Control, Prepared statement. 254-275 Submissions to Chairman Brooks' questions. 307-310 Miller, Stuart J., president, Software AG of North America, Inc.: Pre pared statement.. 355-366 Odom, Lt. Gen. William E., Director, National Security Agency, and Prepared statement.. 278-299 Submissions to Chairman Brooks' questions. 311-312 Park, Dr. Robert L., director, Office of Public Affairs, American Physical 143-148 Relyea, Harold C., Specialist in American National Government, Congressional Research Service, Library of Congress: Prepared statement.. 433-438 Richardson, John M., chairman, Committee on Communications and Information Policy, Institute of Electrical and Electronic Engineers: Prepared statement.. 152-158 Simpson, Jack W., president, Mead Data Central, Inc., Dayton, OH, representing the Information Industry Association: Prepared statement..... 330-348 Socolar, Milton J., Special Assistant to the Comptroller General, U.S. General Accounting Office: Prepared statement.. Vernon, Dr. Christie D., associate professor, and librarian, St. Leo Col- Article from the New York Times of February 9, 1987, entitled "U.S. 58-68 163 Prepared statement. 165-180 Weingarten, Frederick W., Program Manager, Communication and Information Technologies Program, Office of Technology Assessment: Prepared statement. 235-247 Submissions to Chairman Brooks' questions.. 249-250 Wise, Hon. Robert E., Jr., a Representative in Congress from the State of West Virginia: Article from the New York Times of September 24, 1985, entitled "U.S. Examines if Computer Used In '84 Election Is Open to Fraud". 137 APPENDIXES Appendix 1.-Statements submitted for the record Appendix 2.-Letters re: NSDD-145, the Poindexter directive and H.R. 145.. Appendix 7.-NTISSC memorandums re: Computer security legislation.... 546 548 Appendix 9.-Pertinent documents illustrating sequence of events leading to opposition to NSDD-145. 549 Appendix 10.-Material provided by the Information Industry Association 581 608 615 695 |