Upgrading Security: Holes, Patches, and How to Avoid Problems in the Future

By launching an integrated system for tracking the identities of computer system users and their accounts on specific applications, NASA aims to improve the efficiency, consistency and security of its information systems.

The table below compares each account-management process as it has worked until now with how it will work in the future.

PROCESS: Creating identities and accounts
Until now: Ad hoc process; varies between 10 space center locations.
Future: Single process with room for variation in the number of approvals required.

PROCESS: Gathering approvals
Until now: No uniform process for gathering the required approvals for account creation.
Future: Account management system—Sun Identity Manager—will manage the workflow for gathering the required approvals.

PROCESS: Administering accounts
Until now: The system administrator for each application, in most cases, must create an account manually before the user gets access. This applies to everything from travel reimbursement to rocket engineering systems.
Future: Sun Identity Manager creates accounts once they are approved, often automatically. For less well-integrated applications, the administrator gets electronic notification to create the account.

PROCESS: Uniquely identifying people
Until now: Social Security number is used by some applications as a personal identifier, a privacy and identity-theft risk.
Future: Social Security number is being replaced by different unique identifiers, except for select personnel and security applications.

PROCESS: Clearing employees and contractors for security badges and online access
Until now: Separate systems handle security clearance; not integrated with information systems security.
Future: The process that validates the identities of employees or contractors receiving security badges will trigger creation of electronic identities. Computer-user accounts can be traced back to those verified identities.

PROCESS: Logging in to applications
Until now: Users log in separately to many applications. Exceptions include applications that rely on Microsoft Active Directory (which allows users to access multiple resources with a single log-in).
Future: A single log-in will give users access to authorized applications integrated with NASA's internal Web portal.

PROCESS: Tracking accounts
Until now: Multiple databases record the systems where a user has an account, making it difficult to ensure that all accounts have been deleted for a former employee or contractor.
Future: A central account management system will maintain consistent records on who has accounts on what systems, agencywide.

PROCESS: Deactivating employee accounts
Until now: No uniform process for deactivating employee accounts when they leave NASA.
Future: Employees who retire or quit may be asked to deactivate their own accounts. Otherwise, accounts will be deactivated when employees are removed from the payroll.

PROCESS: Deactivating accounts for contractors and remote users
Until now: No unified system for tracking contractors who may no longer be working at NASA and deleting their accounts. The same problem applies to scientists and others with remote access rights on NASA systems.
Future: The employer of a contractor or remote worker must notify NASA when an account should be deactivated. The account management system will detect when an account hasn't been used for a prolonged period, triggering a process for closing or suspending accounts.

PROCESS: Managing "orphan" accounts—the active accounts of people who leave NASA because of a job change, retirement or death
Until now: No comprehensive system in place. Orphan accounts pose a security risk.
Future: Orphan accounts should be eliminated once the new security management systems are in place. Inactive accounts will be purged.