[Federal Register: January 6, 2005 (Volume 70, Number 4)]
[Notices]
[Page 1262-1264]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr06ja05-68]
-----------------------------------------------------------------------
DEPARTMENT OF THE INTERIOR
Office of the Secretary
Privacy Act of 1974, as Amended; Addition of a New System of
Records
AGENCY: U.S. Department of the Interior.
ACTION: Proposed addition of a new system of records.
-----------------------------------------------------------------------
SUMMARY: The Department of the Interior (DOI) is issuing public notice
of its intent to create a Privacy Act (PA) system of records in its
inventory of records systems subject to the Privacy Act of 1974 (5
U.S.C. 552a). This action is necessary to meet the requirements of the
Privacy Act to publish in the Federal Register notice of the existence
and character of records systems maintained by the agency (5 U.S.C.
552a(e)(4)). The new system of records is captioned, ``Interior--DOI-
15,'' and is titled, ``Authenticated Computer Access and Signature
System (ACASS).''
EFFECTIVE DATE: 5 U.S.C. 552a(e)(11) requires that the public be
provided a 30-day period in which to comment on the agency's intended
use of the information in the system of records. The Office of
Management and Budget, in its Circular A-130, requires an additional
10-day period (for a total of 40 days) in which to make these comments.
Any persons interested in commenting on this proposed amendment may do
so by submitting comments in writing to the Department of the Interior,
Privacy Act Officer, Marilyn Legnini, U.S. Department of the Interior,
Mail Stop (MS)-5312--Main
[[Page 1263]]
Interior Building (MIB), 1849 C Street, NW., Washington, DC 20240.
Comments received within 40 days of publication in the Federal Register
will be considered. The system will be effective as proposed at the end
of the comment period unless comments are received which would require
a contrary determination. The Department will publish a revised notice
if changes are made based upon a review of comments received.
FOR FURTHER INFORMATION CONTACT: Bob Donelson, Senior Property Manager,
Bureau of Land Management, Department of the Interior, 1620 L Street,
NW., MS LS, Washington, DC 20036; 202-452-5190.
SUPPLEMENTARY INFORMATION: The primary purpose of ACASS is: (1) To
ensure the security of DOI computer networks in order to maintain
continuous communications and protect the information attached to the
networks from unauthorized access, tampering or destruction; (2) To
verify that all persons accessing DOI networks with ``smart card''
systems are authorized to access them; (3) To ensure that persons
signing official documents are indeed the person represented and to
provide assurance to the recipient that the signature is authentic; and
(4) To enable an individual to encrypt and decrypt documents for secure
transmission.
The new ``smart card'' access control system is based on digitally
encrypted certificates. The DOI is adding the capability for users to
electronically sign documents and encrypt documents using digital
certificates. The current password access control system is used to
maintain access control to the various computer networks and computer
systems in the DOI. The new access control system will be used to
maintain access control to all DOI computer networks and systems that
have installed ``smart card'' access controls. In addition to the
information collected under the current access control system, the new
access control system will record the personal identification numbers
(PIN) of the ``smart card'' holder onto the ``smart card''. The PIN
will not be recorded elsewhere in the system. The data will be stored
on a server located in the U.S. Department of the Interior, Bureau of
Land Management, National Information Resources Management Center,
Denver Federal Center, Lakewood, Colorado. A redundant, fail-over,
server is located at BLM's Network Operations Center in Portland,
Oregon.
A copy of the system notice for Interior--DOI-15, Authenticated
Computer Access and Signature System (ACASS), follows.
Dated: January 3, 2005.
Marilyn Legnini,
Departmental Privacy Act Officer, Department of the Interior.
INTERIOR/DOI-15
System name:
Authenticated Computer Access and Signature System--Interior, DOI-
15
System location:
(1) Data covered by this system are maintained in the following
locations: U.S. Department of the Interior (DOI), Bureau of Land
Management (BLM), National Information Resources Management Center,
Denver Federal Center, Lakewood, Colorado. A redundant, fail-over,
server is located at BLM's Network Operations Center in Portland,
Oregon. A repository of digital certificates included in this system is
maintained by the certificate authority. However, only the Department
of Interior maintains a listing of individuals to whom the certificates
are issued.
(2) Limited access to data covered by this system is available at
DOI locations, both Federal buildings and Federally-leased space, where
DOI computer systems are located. System Administrators at those
locations have access only to the information for employees who attempt
to access computer systems at their location.
Categories of individuals covered by the system:
All individuals who have ``smart card'' IDs with authentication
capability who are granted access to DOI computer networks or certain
isolated systems at facilities that have the ``smart card'' access
control system installed and individuals authorized to sign official
DOI documents. These include, but are not limited to, the following
groups: current agency employees, former agency employees until the
records are disposed of in accordance with the proscribed records
schedule, agency contractors, other Government employees from agencies
with ``smart card'' systems and volunteers.
Categories of records in the system:
Records maintained on current agency employees and agency
contractors include the following data fields: Name, organization/
office of assignment, personal identification number (PIN), number of
ID security cards issued, ID security card issue date, ID security card
expiration date, and ID security card serial number. The Active
Directory is a component of the computer network operating system used
by DOI that performs network management functions and is the repository
for the computer access data. A contracted certification authority
provides the digital certificates and encryption services necessary for
secure authentication and verification. The collected data will contain
the individual's user ID/e-mail address. The Active Directory will
generate the date of entry to the computer network/system, time of
entry, location of entry, time of exit, security access category, and
access status which will also become part of the record. The collected
data retained in Active Directory may also contain: office telephone
number, supervisor's name and Web home page address. Records on former
agency employees are maintained in accordance with the proscribed
records schedule.
Authority for maintenance of the system:
5 U.S.C. 301; Presidential Memorandum on Upgrading Security at
Federal Facilities, June 28, 1995.
Federal Information Security Act (Pub.L. 104-106), section 5113.
E-Government Act (Pub.L. 104-347), section 203.
Government Paperwork Elimination Act (Pub.L. 105-277).
Routine uses of records maintained in the system including categories
of users and the purposes of such uses:
The primary purposes of the system are:
(1) To ensure the security of DOI computer networks to maintain
continuous communications and protect the information attached to the
networks from unauthorized access, tampering or destruction.
(2) To verify that all persons accessing DOI networks with ``smart
card'' systems are authorized to access them.
(3) To ensure that persons signing official documents are indeed
the person represented and to provide for non-repudiation of the use of
an electronic signature.
(4) To enable an individual to encrypt and decrypt documents for
secure transmission.
Disclosures of records within DOI:
Disclosure of these records may be made: (1) To those officers and
employees of DOI who have a need for the record in the performance of
their duties, or (2) when required by the Freedom of Information Act, 5
U.S.C. 552.
Disclosures outside the DOI may be made:
(1) To an expert, consultant, or contractor (including employees of
the
[[Page 1264]]
contractor) of DOI that performs, on DOI's behalf, services requiring
access to these records.
(2) To another agency with a similar ``smart card'' system when a
person with a ``smart card'' requires access to that agency's
facilities on a ``need-to-know'' basis.
(3) To the Federal Protective Service and appropriate Federal,
State, or local agencies responsible for investigating emergency
response situations or investigating or prosecuting the violation of or
for enforcing or implementing a statute, rule, regulation, order or
license, when DOI becomes aware of a violation or potential violation
of a statute, rule, regulation, order or license.
(4)(a) To any of the following entities or individuals, when the
circumstances set forth in (b) are met:
(i) The Department of Justice (DOJ);
(ii) A court, adjudicative or other administrative body;
(iii) A party in litigation before a court or adjudicative or
administrative body; or
(iv) Any DOI employee acting in his or her individual capacity if
DOI or DOJ has agreed to represent that employee or pay for private
representation of the employee;
(b) When
(i) One of the following is a party to the proceeding or has an
interest in the proceeding:
(A) DOI or any component of DOI;
(B) Any DOI employee acting in his or her official capacity;
(C) Any DOI employee acting in his or her individual capacity if
DOI or DOJ has agreed to represent that employee or pay for private
representation of the employee;
(D) The United States, when DOJ determines that DOI is likely to be
affected by the proceeding; and
(ii) DOI deems the disclosure to be:
(A) Relevant and necessary to the proceeding; and
(B) Compatible with the purposes for which the records were
compiled.
(5) To a congressional office in response to a written inquiry an
individual covered by the system has made to the congressional office
about him or herself.
(6) To an official of another Federal agency to provide information
needed in the performance of official duties related to reconciling or
reconstructing data files, in support of the functions for which the
records were collected and maintained.
(7) To representatives of the National Archives and Records
Administration to conduct records management inspections under the
authority of 44 U.S.C. 2903 and 2904.
Policies and practices for storing, retrieving, accessing, retaining,
and disposing of records in the system:
Storage:
Records are stored in electronic media on hard disks, magnetic
tapes and the ID authentication card itself and on paper records stored
in file cabinets in secured locations.
Retrievability:
Records are retrievable from Active Directory by organization,
agency point of contact, security access category that describes the
type of access the user is allowed, date of system entry, time of
entry, location of entry, time of exit, location of exit, ID security
card issue date, ID security card expiration date, and ID security card
serial number.
Access Safeguards:
The computer servers in which records are stored are located in
computer facilities that are secured by alarm systems and off-master
key access. Active Directory access granted to individuals is password-
protected. Access to the certificate issuance portion of this system of
records is controlled by a digital certificate in combination with a
personal identification number (PIN). Each person granted access to the
system must be individually authorized to use the system. A Privacy Act
Warning Notice appears on the monitor screen when records containing
information on individuals are first displayed. Backup tapes are stored
in a locked and controlled room in a secure, off-site location. A
Privacy Impact Assessment was used to ensure that Privacy Act
requirements and safeguard requirements were met.
Retention and disposal:
Records relating to persons covered by this system are retained in
accordance with General Records Schedule 18, Item No. 17. Unless
retained for specific, ongoing security investigations:
(1) Records relating to individuals other than employees are
destroyed two years after the ID security card expiration date.
(2) Records relating to date and time of system entry and exit of
employees are destroyed two years after the date of entry and exit.
(3) All other records relating to employees are destroyed two years
after the ID security card expiration date.
System manager(s) and address:
Director, Information Resources Management Center, Bureau of Land
Management, Denver Federal Center, Building 40, P.O. Box 25047, Denver,
Colorado 80225-0047.
Notification procedures:
An individual requesting notification of the existence of records
on himself or herself should address his/her request to the local
office Information Technology Security Manager. The individual
requesting notification must provide their full name and social
security number. Interior bureaus/offices are listed at the Department
of the Interior Web site at http://www.doi.gov. The request must be in
writing and signed by the requester. (See 43 CFR 2.60.)
Records access procedures:
An individual requesting access to records maintained on himself or
herself should address his/her request to the local office Information
Technology Security Manager. The individual requesting access must
provide their full name and social security number. The request must be
in writing and signed by the requester. (See 43 CFR 2.63.)
Contesting record procedures:
An individual requesting amendment of a record maintained on
himself or herself should address his/her request to the local office
IT Security Manager. The individual requesting the amendment must
provide their full name and social security number. The request must be
in writing and signed by the requester. (See 43 CFR 2.71.)
Record source categories:
Individuals covered by the system, supervisors, and designated
approving officials, certificate issuing authority, network system
administrators.
Exemptions claimed for the system:
None.
[FR Doc. 05-292 Filed 1-5-05; 8:45 am]