Year
1995
Abstract
DOE Order 5633.3B requires that nuclear material accountability (MA) systems provide for i) tracking material inventories, ii) documenting material transactions, iii) issuing periodic reports, and iv) assisting in the detection of: unauthorized system access, data falsification, and material gains or losses. Insider threats against the MA system represent the potential to degrade the integrity with which these requirements are addressed (e.g., altering data to misrepresent the quantity or location of nuclear material). In this paper, we describe a methodology for evaluating potential insider threats against both current and future (e.g., client-server network) MA software applications. The methodology comprises a detailed yet practical taxonomy for characterizing various types of MA system/software applications and their implementation options. This taxonomy facilitates the systematic collection and organization of key information that helps spotlight such things as stages of information flow, transaction procedures, or auditing procedures potentially susceptible to insider falsification. Methodology benefits include helping MA managers and policy makers: i) examine proposed software designs or modifications with respect to how they might reduce or increase exposure to insider threats; and ii) better understand safeguards cost (e.g., operational hindrances) and benefit (resistance to falsification) tradeoffs of different system/software alternatives.