DOE integrated safeguards & security (DISS) personnel security network and databases concept of operations

摘要

The Department of Energy Integrated Safeguards and Security (DISS) Personnel Security Network and Databases provide the work-flow management, data transmission, data storage, and record keeping for the DOE access authorization processing, weapons data access, and access authorization approvals. The network consists of UNIX based workstation/servers at designated sites, personal computer clients at DOE and contractor offices, and a single UNIX workstation/gateway at the Office of Personnel Management. The Concept of Operations serves for the lifetime of the system as the formal record of the system, and its environment as approved for design, development, and operation. It describes the concepts that will allow multiple servers to operate as a consistent, yet independent, set of systems. Because of the inter-dependence between databases and the additional functionality of providing a Department-wide set of information, commensurate levels of security need to exist on each server. The Concept of Operations documents the protection concepts that are to be maintained to appropriately protect the system and its information. The security and privacy concepts described in this document allow protection in a consistent and comprehensive manner and are meant to protect DISS information from losses in confidentiality, integrity, or availability. Thus, the Concept of Operations is a statement of what concepts will be implemented, but not necessarily how they are to be implemented.