Description: DOE Order 5633.3B requires that nuclear material accountability (MA) systems provide for (1) tracking material inventories, (2) documenting material transactions, (3) issuing periodic reports, and (4) assisting in the detection of- unauthorized system access, data falsification, and material gains or losses. Insider threats against the MA system represent the potential to degrade the integrity with which these requirements are addressed (e.g., altering data to misrepresent the quantity or location of nuclear material). In this paper, we describe a methodology for evaluating potential insider threats against both current and future (e.g., client-server network) MA software applications. The methodology comprises a detail yet practical taxonomy for characterizing various types of MA system/software applications and their implementation options. This taxonomy facilitates the systematic collection and organization of key information that helps spotlight such things as stag of information flow, transaction procedures, or auditing procedures potentially susceptible to inside falsification. Methodology benefits include helping MA managers and policy makers: (1) examine proposed software designs or modifications with respect to how they might reduce or increase exposure to insider threats; and (2) better understand safeguards cost (e.g., operational hindrances) and benefit (resistance to falsification) tradeoffs of different system/software alternatives.
Date: July 1, 1995
Creator: Jones, E. & Sicherman, A.
Item Type: Refine your search to only Article
Partner: UNT Libraries Government Documents Department