USAREUR Pamphlet 380-40
Security
Communications Security (COMSEC) Custodian Guide
3 March 1997
This version includes change 1, 16 December 1997.
For the Commander in Chief:
ROBERT S. COFFEY
Major General, GS
Chief of Staff
Official:
Seal
ROBERT L. NABORS
Brigadier General, GS
Deputy Chief of Staff,
Information Management
Summary. This pamphlet is a guide for communications security account personnel in USAREUR. This pamphlet will be used with AR 380-40, USAREUR Regulation 380-40, and Technical Bulletin 380-41.
Applicability. This pamphlet applies to organizations and activities in USAREUR. This pamphlet also applies to units supported by USAREUR.
Forms. Only -R forms may be reproduced locally on 8½ - by 11-inch paper through the servicing forms management office. Other forms will not be reproduced; they will be ordered by the unit or organization publications officer from the United States Army Printing and Publications Center, Europe, or as stated in the prescribing directive.
Suggested Improvements. The proponent of this pamphlet is the Office of the Deputy Chief of Staff, Intelligence, HQ USAREUR/7A (AEAGB-CI-S, 370-7214). Users may send suggestions to improve this pamphlet on DA Form 2028 (Recommended Changes to Publications and Blank Forms) to the Commander, USAREUR/7A, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014.
Distribution. Distribute according to DA Form 12-88-E, block 0800, command level A.
CONTENTS
SECTION I
INTRODUCTION
SECTION II
PHYSICAL PROTECTION AND ACCOUNTABILITY OF COMSEC MATERIAL
SECTION III
PROTECTING COMSEC MATERIAL IN EMERGENCIES
SECTION IV
COMSEC FACILITIES
SECTION V
KEY MANAGEMENT
SECTION VI
INSPECTIONS, REVIEWS, AND INVENTORIES
SECTION VII
SURVEILLANCE
SECTION VIII
CONTROLLED CRYPTOGRAPHIC ITEMS
SECTION IX
DEPARTMENT OF THE ARMY CRYPTOGRAPHIC ACCESS PROGRAM
Appendixes
A. References
B. ACCLAIMS Instructions
C. Emergency Plan
D. Hand-Receipt Holder, User, and Witness Responsibilities
E. Sample Key Management Standing Operating Procedure
F. Command Inspections
G. Standardized COMSEC Custodian Course
H. Mail and Message Addresses
I. Sample COMSEC Incident or CCI Incident Report
Glossary
SECTION I
INTRODUCTION
1. PURPOSE
This pamphlet--
a. Establishes a guide for USAREUR communications security (COMSEC) account custodians. Commanders and COMSEC custodians will ensure this pamphlet is available at the user level. This pamphlet will be used with AR 380-19, Information Systems Security; AR 380-40, Policy for Safeguarding and Controlling Communications Security (COMSEC) Material; DA Pamphlet 25-16, Security Procedures for the Secure Telephone Unit, Third Generation (STU-III); DA Pamphlet 25-380-2, Security Procedures for Controlled Cryptographic Items; Technical Bulletin (TB) 380-41, Procedures for Safeguarding, Accounting, and Supply Control of COMSEC Material; and USAREUR Regulation 380-40, Safeguarding and Controlling Communications Security Material.
b. Shows the interface between Army and theater components.
c. Standardizes COMSEC procedures throughout the command.
d. Is a training aid for new COMSEC custodians.
e. Applies to--
(1) HQ USAREUR/7A staff offices and USAREUR commands (USAREUR Reg 10-5).
(2) Other Army units that receive COMSEC support from USAREUR.
(3) Department of Defense (DOD) elements that receive COMSEC support from USAREUR.
2. REFERENCES
Appendix A lists references.
3. ABBREVIATIONS AND TERMS
AR 380-19, AR 380-40, USAREUR Regulation 380-40, and publications listed in this pamphlet, appendix A, explain terms used in this pamphlet. The glossary defines abbreviations used in this pamphlet.
4. RESOLVING CONFLICTS
a. In cases of conflict between this pamphlet and applicable regulations, the procedure that provides a higher degree of security or control will be used until the conflict is resolved.
b. Commanders will send requests to resolve conflicts through command channels to the Commander, USAREUR/7A, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014.
SECTION II
PHYSICAL PROTECTION AND ACCOUNTABILITY OF COMSEC MATERIAL
5. CONTROL OF CLASSIFIED COMSEC MATERIAL
Classified COMSEC material, when not stored according to AR 380-5, AR 380-40, USAREUR Regulation 380-40, and TB 380-41, will be in the physical possession of a properly cleared personnel.
6. ACCOUNTING LEGEND CODE (ALC) 3 MATERIAL
The Army is eliminating accounting legend code (ALC) 3 material from its inventory. The Army plans a time-phased transition from ALC 3 to ALC 1 or ALC 4. Army COMSEC accounts will not adhere to another service or joint-serve controlling authority (CONAUTH) instructions for the conversion of ALC 3 key unless specifically instructed by the United States Army Communications-Electronic Command, Communications Security Logistics Activity (USACCSLA).
NOTE: Short titles managed by non-Army controlling authorities are not affected by these instructions. The following procedure explains message, HQ USACCSLA, SELCL-KP-KEY, 171458Z April 1996, subject: Accounting Legend Code (ALC) 3 Material.
a. ALC 3 keying material on hand in an account (material not already issued to a user) will remain ALC 3 until destroyed. The ALC block on the item register (IR) card does not change. New material may or may not have the same short title as ALC 3 material already on hand in the account. Custodians must check the SF 153 (COMSEC Material Report) transfer reports to ensure new material is brought under control. New material must have a new IR card if the ALC is changed from ALC 3 to ALC 1 or ALC 4, regardless of the short title. New material may be added to a current IR card only if the short title and ALC are exactly the same as the material already on the card.
b. Custodians of automated accounts will process new material using the short titles listed on the SF 153. Like the manual accounts, ALC 3 will be part of the short title until destroyed. Custodians will add new ALC 1 or ALC 4 material into the Army COMSEC Commodity Logistics Accounting and Information Management System (ACCLAIMS) database (app B). The history file will automatically record the correct ALC. The ALC of material on hand in the account and already entered in the ACCLAIMS database must not be changed.
c. When the term "discontinued" appears next to a short title in paragraphs 13 and 14 of the message (NOTE above), the short title has been discontinued. The short title may have been replaced or no longer needed. The term "pending" next to a short title means that the National Security Agency (NSA) has not finished the edition.
d. Custodians will not destroy the older ALC 3 material to exhaust existing supplies.
e. Short titles and editions listed in paragraphs 13 and 14 of the message (NOTE above) will change to ALC 1 or ALC 4 with new short titles.
f. When the NSA sends keying material with the new ALC, it automatically will be added to the Army COMSEC Central Office of Record (ACCOR) database with the correct ALC. A special possession report or a conversion report is not needed. Non-Army CONAUTHs may require a special possession report for non-Army controlled ALC 3 material. The COMSEC Logistics Assistance Office (375-7424) can help with this procedure.
g. ALC 3 already issued to a user in a given account should not be recalled. ALC 3 is permanently issued and cannot be recalled.
7. CONTROL OF TOP SECRET KEYING MATERIAL
a. Top Secret keying material will be safeguarded and controlled according to AR 380-40, USAREUR Regulation 380-40, and this pamphlet.
b. SF 702 (Security Container Check Sheet) will be attached to each container. Print the words "RED" and BLUE" at the top of the form if container is used to store two-person integrity (TPI) material, to indicate which side of the form each team initials for its particular control function (fig 2-1).
8. TRANSPORTING COMSEC MATERIAL
a. Ground Transporting. Only U.S. Government-owned or -leased and host-nation military-support ground vehicles will be used by U.S. unit couriers to transport COMSEC material. Commanders may give written approval to use privately-owned vehicles (POVs) for emergency situations when Government transportation is not available. The courier must carry the approval.
b. Air Transporting. Only U.S. Government-owned or -leased and host-nation military aircraft may be used by U.S. unit couriers to transport classified COMSEC material.
c. Transporting Exceptions. Exceptions to use commercial aircraft (U.S. Flag and non-U.S. Flag aircraft) to transport COMSEC material will be requested according to USAREUR Regulation 380-40, paragraph 7, and this pamphlet, figure 2-2.
d. Courier Authorization Card. Commanders will use DD Form 2501 (Courier Authorization Card) to appoint official unit couriers to transport classified COMSEC material outside U.S. military garrisons and field-operating sites within the same country according to AR 380-5 and USAREUR Supplement 1. (DD Form 2501 is an accountable form, valid for 1 year from date of issue (fig 2-3).)
e. Accountability Register. COMSEC custodians will sign for a block of DD 2501 forms from their security manager on AE Form 380-40A-R (Accountability Register for DD Form 2501 (Courier Authorization)). Custodians will assign the DD Form 2501 to COMSEC couriers as needed. COMSEC couriers will sign for the DD Form 2501 from their COMSEC custodian on AE Form 380-40A-R.
9. COMSEC MATERIAL TURN-IN PROCEDURES
a. COMSEC custodians turn in COMSEC material and equipment as follows:
(1) "Zeroize" equipment (including secure telephone unit-third generation (STU-III) equipment) and, if possible, place switches in the Z-ALL position.
DEPARTMENT OF THE ARMY
444th MILITARY INTELLIGENCE BATTALION
UNIT 12345
APO AE 09000 |
AEAXX-XX | 1 November 1996 |
MEMORANDUM FOR Deputy Chief of Staff, Intelligence, USAREUR, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014 |
SUBJECT: Request for Exception to Policy to Transport Classified COMSEC Material Aboard Non-U.S. Flag Aircraft. |
1. References:
a. AR 380-40, Policy for Safeguarding and Controlling Communications Security (COMSEC) Material.
b. USAREUR Regulation 380-40, Safeguarding and Controlling Communications Security Material. |
2. According to the above references, request approval to courier Secret collateral keying material (USKAT-11111) aboard a non-U.S. flag aircraft to Zagreb, Croatia, to support Operation Joint Endeavor. |
3. AR 380-40 allows USAREUR commanders to approve transporting COMSEC material on non-U.S. flag aircraft in an operational necessity. The AR restricts this approval to the lowest general-officer level. |
4. The keying material is essential for mission-accomplishment. The material must be in the sight of the courier at all times. |
NOTE: List information required in USAREUR Regulation 380-40, paragraph 7, here. |
5. Point of contact is CW4 Robert Jones, 444-1111/2222. |
FOR THE COMMANDER: |
  | JOHN H. WILLIAMS Lieutenant Colonel, MI Plans and Operations Officer |
Figure 2-2. Sample Request to Courier Classified COMSEC Material Aboard Non-U.S. Flag Aircraft |
(2) Remove batteries when storing equipment, except STU-IIIs, longer than 2 days. STU-IIIs are issued with a manufacturer-installed battery. These batteries are used for maintaining keying material, setup options, and memory-dialing sequences during loss of power. The average battery-life is 7 years. These batteries should be removed only for replacement. STU-III batteries will be retained with the equipment during shipment and storage. Batteries should not be removed in the STU-III for shipping or when returning unserviceable STU-IIIs.
(3) "Power-up" the equipment, if possible, before it is turned in to ensure all key is zeroized.
(4) Ship equipment that cannot be zeroized or identified as being zeroized by defense courier service (DCS).
(5) Ship unkeyed and unclassified controlled cryptographic item (CCI) equipment by registered mail.
(6) Perform a technical inspection (TI) on all equipment.
(7) Ensure that KT-83s, HGX-83s, and KGX-93s are certified and that security seals are intact.
b. Custodians may only open equipment they are authorized to repair (listed on a custodian's DD Form 1435 (COMSEC Maintenance Training and Experience Record)).
c. Security-related turn-in procedures are as follows:
(1) Ensure equipment is stored according to the highest classification of the equipment or of the key stored in the equipment.
(2) Direct questions about equipment security or shipping procedures to the local security manager, COMSEC custodian, COMSEC Logistics Assistance Representative (LAR), or the United States Army Theater COMSEC Management Office-Europe (USATCMO-E) at 382-5828. Direct questions about maintenance or equipment modifications to the Theater COMSEC Logistic Support Center-Europe (TCLSC-E) at 382-5816.
SECTION III
PROTECTING COMSEC MATERIAL IN EMERGENCIES
10. PRIORITY FOR EMERGENCY-DESTRUCTION OF MATERIAL
TB 380-41 lists priorities for destroying classified and unclassified sensitive material (precautionary or total destruction) in emergencies.
11. COORDINATION AND APPROVAL
The COMSEC custodian will prepare an emergency plan according to TB 380-41, AR 190-13, USAREUR Regulation 190-13, and this pamphlet, for the installation physical-security plan (app C). Commanders will approve the plan after coordinating it with staff agencies. The plan will list organizations that must be notified during an emergency. A sample emergency plan is in this pamphlet, appendix C.
a. The basic emergency plan normally will be marked "FOR OFFICIAL USE ONLY" with exemption category-2 according to AR 25-55, unless it contains classified information.
b. Specific short titles of positive-controlled material will not be listed in the plan with their associated status (for example, effective, reserve, exercise). Short titles and status for COMSEC material that is not positive-controlled may be listed.
c. The emergency plan will include an evacuation site and an alternate site. Evacuation-route diagrams will be marked FOR OFFICIAL USE ONLY.
d. Emergency plans will provide for cryptoequipment mounted on tactical conveyances (ground and air vehicles).
e. Part of the plan will be practiced at least once every 3 months. The "dry run" will be witnessed by appropriate neutral personnel (for example, post or unit fire marshal) or a representative from at least one of the following organizations: The provost marshal office (PMO), motorpool, intelligence (S2), or operations and training (S3). All participating personnel (including witnesses) will be documented in an annex of the basic plan (app D). Current operational key will not be destroyed or moved during the dry run.
f. Emergency task cards are optional (TB 380-41, para 5.19).
g. A written record of practice results will be filed in the COMSEC account with the emergency plan.
h. In an actual emergency, keying material and classified COMSEC publications must be destroyed beyond recognition. Any method approved for routine destruction (for example, burning, chopping, pulverizing) is acceptable. Shredders that do not meet the requirements of TB 380-41 may be used only to reduce bulk; residue must be destroyed by other means (for example, burning, chopping, pulverizing).
i. In an actual emergency, equipment will be destroyed to ensure cryptologic data cannot be reconstructed. All classified components of the equipment (for example, printed circuit boards, keyed permuting devices) will be removed and destroyed. Operating instructions and maintenance manuals list items that should be destroyed beyond recognition and provide preferred methods of destruction.
j. TB 380-41 describes cryptographic-material destruction devices.
SECTION IV
COMSEC FACILITIES
12. ESTABLISHING COMSEC FACILITIES
a. When establishing a new COMSEC facility, commanders will send a COMSEC facility approval request (CFAR) with the information required by TB 380-41, chapter 2. Figure 4-1 is a sample CFAR. A CFAR will be sent through command channels to the Director, United States Army Communications-Electronics Command COMSEC Logistics Activity, ATTN: SELCL-KP-AU, Fort Huachuca, Arizona 85613-7090. A completed copy of DA Form 2012 (COMSEC Account Data) (para 4-2) must be included with the CFAR. (DA Form 2012 will be kept in the inactive file for 1 year after the outgoing COMSEC custodian leaves.)
b. Subaccount or hand-receipt holder user COMSEC facilities do not require USACCSLA approval. Subaccount and hand-receipt holder command facilities must meet physical-security standards in AR 190-13, AR 380-5, and AR 380-40. Command COMSEC facility approval may be granted by the appropriate commander (for example, a platoon leader storing COMSEC in the platoon room before deployment). Secure subscriber terminals will be approved as part of the request for accreditation by the designated accreditation authority (AR 380-19).
c. Automated information systems used to process the ACCLAIMS will be accredited for unclassified sensitive information according to AR 380-19 before loading master-asset files. The automatic data-processing information systems security officer (ISSO) or information systems security manager (ISSM) will provide assistance.
d. Command COMSEC facility approvals for automated facilities accredited under AR 380-19 will be updated every 3 years. Other approvals will remain in effect as long as the physical protective measures and security procedures in force for the approval remain unchanged.
13. MOSS HAMILTON X-07 LOCK
The Moss Hamilton X-07 Lock is the primary replacement lock for existing mechanical combination locks. This lock has three system selections.
a. Single-Lock. This selection is the same as standard combination locks. This lock is opened by dialing the correct combination.
b. Dual-Lock. This selection should be used for TPI material. To open this lock, two individuals must enter their combinations within a 40-second period. If the process takes more than 40 seconds, the lock shuts down and the display will go blank.
c. Supervisor-and-Subordinate. This selection is used when a supervisor has responsibility for the control of the safe but does not have access to the contents of the safe. To use this option, the supervisor enters the first combination at the beginning of the day or shift. After the first combination has been entered, the lock can be opened by any person with the second combination. At the end of the day or shift, the supervisor reenters the first combination and the lock cannot be opened until the supervisor enters the first combination at the beginning of next day or shift.
14. COMSEC ACCOUNT DATA FORM
Figure 4-2 is a sample DA Form 2012 completed according to TB 380-41, paragraph 2.12.4.
DEPARTMENT OF THE ARMY
HEADQUARTERS, V CORPS
UNIT 29335
APO AE 09014 |
AETV-IM-CCMO (380-40a) | 1 November 1996 |
MEMORANDUM THRU Commander, (Your higher headquarters, mailing address) (Any thru lines must be initialed) |
FOR Director, United States Army, Communications-Electronic Command, Communications-Electronic Command, |
Communications Security Logistics Activity, ATTN: SELCL-KP-AU, Fort Huachuca, AZ 85613-7090 |
SUBJECT: COMSEC Facility Approval Request (CFAR) |
1. References:
a. AR 380-5, Department of the Army Information Security Program, 25 February 1988, appendix H.
b. AR 380-40, Policy for Safeguarding and Controlling Communications Security (COMSEC) Material, 1 September 1994, chapter 4.
c. TB 380-41, Procedures for Safeguarding, Accounting, and Supply Control of COMSEC Material, 1 October 1994, paragraph 2.1.2. |
2. This command has a requirement to establish or update (as appropriate) a COMSEC facility.
a. General Information:
(1) Commander, V Corps
ATTN: AETV-IM-CCMO/5CE016
Unit 29335
APO AE 09014
(2) UIC: WCDWAA
(3) Telephone Numbers: Commercial: 49-6221-57-5635, DSN: 370-5635/5634.
(4) COMSEC Account Number: 5CE016. (to be announced (TBA), if account number not assigned)
(5) Facility Location: Room 006, Basement Floor, Building 5, Campbell Barracks, Heidelberg, Germany. If requesting a safe as the facility state, "General Services Administration (GSA)-approved safe in room x."
(6) Point of Contact: CW2 Rocha or SFC Morales (telephone number if different from (3) above).
(7) Type of Request: Update or (Initial because of Establishment or Relocation).
(8) Classification Information: Top Secret (TS) or (highest classification of material received or held).
b. Purpose: Operations, distribution, maintenance, administrative, storage, or other, according to TB 380-41, para 2.1.2b. Indicate primary purpose (for example, storage, and distribution).
c. General Cryptosystems: Use short-title of "System" on hand or authorized that the account will be supporting (for example, Vinson, mobile subscriber equipment (MSE), secure telephone unit-third generation (STU-III), KG-84, Global Positioning system (GPS)).
d. Physical Security: Provide physical security description of the facility according to TB 380-41, paragraph 2.1.2d, and AR 380-5, appendix H. Also, identify any type of alarm system (for example, the building that will house COMSEC Account 5CE016 is of substantial brick masonry construction. The class "A" vault-type room has three rooms and an entry hall that meets the standards in AR 380-5, app H).
(1) Walls: The perimeter walls are 8" thick and have three air vents and two windows. The air vents and windows are barred.
(2) Floor: The floor is solid concrete with tile covering.
(3) Ceiling: The ceiling is solid concrete.
(4) Windows: This facility has two 17 1/2" X 26 1/2" windows. Each window has five vertical and three horizontal bars with a distance of 4 inches between them. The windows are mounted in the concrete wall.
(5) Entry and Exit: This COMSEC facility has one, single reinforced, 3 inch-thick steel door with built-in three-position, group one, dial combination-lock, along with a steel day gate equipped with an electronic cipher lock used as entry and exit. Between the steel door and the day gate there is another door that has a dead bolt lock. The vault is also secured with a standard JSIIDS alarm system connected to the military police desk at the front gate of Campbell Barracks. The alarm is activated during non-duty hours. In the event of an alarm, security personnel can respond within 15 minutes. |
NOTE: If request is for a TS facility, identify the provisions to store material, according to TPI. If facility is to be a GSA-approved safe, identify secondary barriers, include access control when container is open. |
(6) There are three rooms within the vault: a storage room between the first door and the day gate, the middle room that houses the safes, and the back room that is office space. There is also a hallway that houses a telephone distribution box for the building.
e. Material and Equipment Security: (Describe protection of material during nonworking hours, according to TB 380-41, para 2.1.2e.) All classified and COMSEC material not under the direct continuous control of cleared and authorized personnel is stored in GSA-approved containers that are in the COMSEC facility.
(1) Top Secret (TS) keying material is managed and stored in a no-lone zone. When not stored, TS material is handled according to two-person integrity (TPI) rules (in possession of two TS-cleared persons).
(2) TS keying material is secured in a four-drawer, five-lock GSA-modified approved container. One of the five locks is identified as the "RED" side and another one as the "BLUE" side. The "BLUE" side has one Sergeant and Greenleaf three-position lock. The "RED" side has four Sergeant and Greenleaf padlocks located at each drawer (Federal Specifications FF-P-110 8077A).
f. Standards Statement: Applicable standards can (or can not) be met for the storage and destruction of COMSEC material as required by TB 380-41, paragraph 2.1.2f.
|
FOR THE COMMANDER: |
  | GENE TYLER Lieutenant Colonel, GS
Deputy Chief of Staff, Information Management |
(CFAR must be signed by the commander or an authorized representative.) |
AR 25-55, para 3-200, exemption 3a, prescribes protective markings. |
(At a minimum, memorandum will be marked:)
FOR OFFICIAL USE ONLY |
Figure 4-1. Sample COMSEC Facility Approval Request |
15. IDENTIFYING COMSEC FACILITIES
A bilingual RESTRICTED AREA sign will be posted as prescribed in TB 380-41, chapter 5. AR 190-13, paragraph 6-4, and USAREUR Regulation 190-13, appendix E, prescribe formats for USAREUR RESTRICTED AREA warning signs. External signs will not identify COMSEC facilities.
16. USE OF CAMERAS, REPRODUCTION, AND ELECTRONIC EQUIPMENT IN COMSEC FACILITIES
Use of cameras and electronic equipment in COMSEC facilities is controlled by--
a. TB 380-41. The TB gives restrictions on personal and Government-owned electronic equipment (for example, cameras, microwave ovens, radios, stereos, televisions, portable cassette players, videocassette recorders). These restrictions do not apply to secure subscriber terminal (SST) areas or COMSEC facilities used only for administration or storage.
b. The COMSEC facility standing operating procedure (SOP). The SOP will include instructions on controlling and detecting unauthorized reproduction on Government-owned copying or reproduction equipment operated in the facility.
17. RELEASING COMSEC MATERIAL TO CONTRACTORS
The COMSEC supplement to the National Industrial Security Program Operating Manual (NISPOM) gives guidance for releasing COMSEC material to Government contractors. The statement "COMSEC material access by contractor personnel restricted to U.S. citizens holding final Government clearance" will be on the front cover of the COMSEC document. This statement must also be on the SF 153 after "NOTHING FOLLOWS".
18. CLOSING COMSEC ACCOUNTS
To close a COMSEC account, follow the guidance in TB 380-41, paragraph 2.14.
a. The closure notification message will include the information required in TB 380-41 and the following:
(1) Intended closure date.
(2) Reason for closure and, when appropriate, the address of the new COMSEC support account.
(3) Number of COMSEC incident cases pending closure.
(4) Date the DCS was notified to cease delivery.
(5) Confirmation that controlling authorities have been notified.
(6) Date the account is expected to reach zero balance.
(7) Disposition of records.
(8) Disposition of the account's ACCLAIMS harddrive and software disks.
(9) Request for relief of accountability of the COMSEC custodian by name, rank, and social security number.
b. The COMSEC custodian will send the COMSEC account closure message for the commander to the addresses shown in figure 4-3.
19. COMSEC SUPPORT MEMORANDUM OF AGREEMENT
a. A COMSEC support memorandum of agreement (MOA) establishes an agreement between a unit commander (supported activity) who wants COMSEC support but does not have the personnel or financial resources and a unit commander who has an account and will provide COMSEC support (supporting activity).
b. All parties must understand their responsibilities before signing the MOA. Figure 4-4 is a sample MOA.
SECTION V
KEY MANAGEMENT
20. KEY MANAGEMENT GUIDELINES
a. Locally Generated Key.
(1) Until the Electronic Key Management System (EKMS) is fully implemented, commanders will follow guidance in the noncrytographic operational general publication (NAG) 16D, TB 380-41, and this pamphlet.
(2) Locally generated key encryption key (KEK) will be used-
(a) When physical delivery in loaded fill-devices is possible and operationally feasible.
(b) For tactical nets or circuits when over-the-air-key distribution (OTAD) is possible and authorized for use with STU-III, tri-service tactical communications (TRI-TAC), and mobile subscriber equipment (MSE) under the provisions of NAG 16D.
___________________________________________________________________________
DIR USACCSLA FT HUACHUCA AZ//SELCL-KP-OR/SELCL-KP-
KEY/SELCL-KP-IN//and controlling authorities (as
applicable).
INFO: CDR (Headquarters of your command Inspector)
(USAREUR major command)
(Higher headquarters, as directed by unit SOP)
DIR USACCSLA FT HUACHUCA AZ//SELCL-KP-AU//
CUSALAO SECKENHEIM GE//AMXLA-E-CCM//
CINCUSAREUR HEIDELBERG GE//AEAGB-CI-S/AEAIM-CO-SI/AEAGD-
SM//
CDR 66TH MI GP AUGSBURG GE//IAPG-SAS//
DIRNSA FT GEORGE G. MEADE MD//V51A/Y132/V61//
NCEUR VAIHINGEN GE//F29//
USATCMO-EUR 11TH SIG DET MANNHEIM GE//AFSE-CLC-
CMO/5BE001//(others optional, as appropriate)
SUBJECT: Request Closure of COMSEC Account (account number)
___________________________________________________________________________
Figure 4-3. COMSEC Account Closure Message Addresses
(3) Each COMSEC account holding COMSEC key will have a key-management SOP (app E). The SOP will meet the particular mission of each unit. It will contain information on how key will be procured, generated, managed, and destroyed. The SOP will require an (accountability) audit trail for electronic key on a AE Form 380-40C-R (Key Management Worksheet).
b. NSA-Generated STU-III Key.
(1) STU-III key will be issued and signed for on AE Form 380-40B-R (COMSEC Custodian STU-III Key Accountability Record).
(2) The COMSEC custodian will file AE Form 380-40B-R in file number 380-40m according to AR 25-400-2.
21. MANDATORY RECALL OF KEY STORAGE DEVICE-64 (KSD-64)
a. The EKMS central facility (CF) instituted a voluntary recall plan in 1992 that allowed for the return of excess key storage devices-64 (KSD-64s) from COMSEC accounts. The recall is now mandatory. The recall will save money and assure the future availability of the KSD-64A. The procedures for returning excess KSD-64As are in b through d below. These procedures have been revised from the original notification. Any deviation from the procedures in b through d below may result in the CF not being able to use the devices.
b. Although the recall is now mandatory, not every extra KSD-64A must be returned. A number of devices should remain on hand to be used as cryptoignition keys (CIKs). The number of devices will vary based on the number of STU-IIIs serviced by an account. The custodian will determine how many devices should be returned to the CF.
c. The items included in the recall are blank KSD-64As, CIK, and fill devices. Also included are Secure Data Network System (SDNS) keys, broken keys, and any keys from equipment that use the KSD-64A as a fill device. All keys should be removed from their corresponding terminals or zeroized. Any KSD device not used in the STU-III program (for example, KG-195, Caneware) must be zeroized in the STU-III three times. The KSD-64As should be clean, and key or luggage tags should not be attached.
d. All zeroized KSD-64As and CIKs should be returned to the EKMS. Custodians will-
(1) Send a letter (fig 5-1) to the EKMS CF 2 weeks before mailing the keys that list how many devices will be returned.
(2) Return zeroized keys to the EKMS CF (address shown in fig 5-1). Include a copy of the letter ((1) above) with the keys. Return the keys by U.S. Registered Mail. The package should be single-wrapped.
SECTION VI
INSPECTIONS, REVIEWS, AND INVENTORIES
22. COMMAND COMSEC INSPECTIONS
The command COMSEC inspector will conduct command COMSEC inspections for each COMSEC account and subaccount as prescribed in AR 380-40 and USAREUR Regulation 380-40. The unit commander will appoint a command COMSEC inspector.
___________________________________________________________________________
MEMORANDUM OF AGREEMENT
BETWEEN
(Supported Activity)
AND
(Supporting Activity)
COMSEC MATERIAL HAND-RECEIPT SUPPORT
1. PURPOSE. This memorandum of agreement (MOA) establishes an agreement
between the (supported activity) and the (supporting activity), identifies
resources involved, and delineates responsibilities of each signatory for
communications security (COMSEC) material hand-receipt support. This MOA is
a mutual commitment to ensure COMSEC material is issued by (supporting
activity) as COMSEC custodian on hand-receipt to the (supported activity)
and, once received, the COMSEC material is used properly, stored (when not
is use by appropriately cleared authorized persons), and accounted for as
prescribed in policy and procedures applicable to the material involved.
2. REFERENCES.
a. AR 380-40, Policy for Safeguarding and Controlling Communications
Security (COMSEC) Material, 1 September 1994.
b. DA Pam 25-16, Security Procedures for the Secure Telephone Unit,
Third Generation (STU-III), 1 April 1993.
c. DA Pam 25-380-2, Security Procedures for Controlled Cryptographic
Items, 10 January 1991.
d. TB 380-41, Procedures for Safeguarding, Accounting, and Supply
Control of COMSEC Material, 29 September 1995.
e. USAREUR Regulation 380-40, Safeguarding and Controlling
Communications Security Material, 2 May 1996.
f. Publications identified in AR 380-40, appendix A, that are relevant
to material being hand-receipted.
g. Other: (add appropriate references)
3. BACKGROUND.
a. Army elements authorized COMSEC material normally obtain direct
support by establishing a COMSEC account, according to TB 380-41. When
establishing a COMSEC account, the commander must select and appoint a
COMSEC custodian and at least one alternate custodian. Once appointed, the
custodian is responsible for the safeguarding, controlling, and accounting
for COMSEC material. COMSEC accounts are subject to various inspections,
audits, and inventories.
b. The amount and type of COMSEC support required and personnel
resources available may make establishing a COMSEC account impractical or
economically impossible. An alternative to establishing a COMSEC account is
to obtain required COMSEC material on hand-receipt from an established
COMSEC account, preferably one within the same chain of command. Hand-
receipt holders must safeguard, control, and account for COMSEC material
in their care. Hand-receipt holders of COMSEC material have fewer and less
time-consuming responsibilities than a COMSEC custodian.
c. Timely compliance with established policy and procedures and
cooperation between the custodian and the hand-receipt holder are essential
for long-term support.
4. SCOPE. This MOA implements the agreement for (supporting activity) to
issue COMSEC material to the (supported activity).
5. RESPONSIBILITIES.
a. The (supporting activity) will-
(1) Provide COMSEC material support for hand-receipt holders upon
request.
(2) Conduct oversight visits to the (supported activity) as required
to ensure the hand-receipt holder is properly using, safeguarding,
controlling, and accounting for COMSEC material according to AR 380-40, TB
380-41, and USAREUR Regulation 380-40.
(3) Issue guidance (including SOP) and provide advice and assistance
as required to the hand-receipt holder.
(4) Hand-receipt COMSEC material only to persons designated by the
supported commander or responsible official.
(5) Notify the supported commander or other responsible official at
the supported command when conditions or circumstances require attention.
(6) Provide the supported commander written notification a minimum of
60 days before termination of hand-receipt.
b. The (supported activity) will-
(1) Provide (supporting activity) a current listing of required COMSEC
material.
(2) Comply with Army policies and procedures and (supporting activity)
SOP applicable to using, safeguarding, controlling, and accounting for
COMSEC material.
(3) Provide (supporting activity) a list of cleared personnel
authorized to sign for COMSEC material under this MOA and update this list
as required to ensure it is current.
(4) Establish written procedures to ensure hand-receipt holders clear
their hand-receipts with (supporting activity) before permanent change of
station or reassignment to other duties.
(5) Promptly notify (supporting activity) when COMSEC material is
lost, out of control, misused, or otherwise subjected to a possible
insecurity.
(6) Be prepared to establish an organic COMSEC account, or to begin
receiving COMSEC support from an alternate source, within 60 days of
written notification by (supporting activity) that COMSEC hand-receipt
support under this MOA will be terminated.
6. REVIEW AND REVISION.
a. This agreement will be reviewed yearly. Review will be initiated by
(supporting activity) within 90 days of the first anniversary date.
b. Either agency may propose revision of this MOA at any time.
Additionally, the MOA will be amended, as necessary, to comply with
regulatory changes or changes in mission needs of either party.
7. EFFECTIVE DATE AND TERMINATION. This agreement will become effective on
signature by the Commander, (supporting activity), and the Commander,
(supported activity), and remain in effect for 3 years, unless extended or
terminated.
X_________________________ X_________________________
(Signature) (Signature)
SIGNATURE BLOCK SIGNATURE BLOCK
CDR, (supporting activity) CDR, (supported activity)
___________________ __________________
(date) (date)
___________________________________________________________________________
Figure 4-4. Sample MOA for COMSEC Hand-Receipt Support
___________________________________________________________________________
To: EKMS Central Facility
ATTN: Custodian CA 880103
P.O. Box 718
Finksburg, MD 21048-0718
From: CDR, 181st Signal Company
ATTN: CA 999999
CMR 420
APO AE 09014
Total number of excess devices returned from my account:
____________________. These keys have been removed from their terminals or
zeroized. If not used in the STU-III program, the keys have been zeroized
three times each.
FOR THE COMMANDER:
JOHN Q. PUBLIC
Staff Sergeant
Custodian CA 999999
___________________________________________________________________________
Figure 5-1. Format for Returning Zeroized Key
a. Policy and procedures for command COMSEC inspections are in AR 380-40 and TB 380-41. USAREUR units can use the guidance in this pamphlet, appendix F to prepare for USAREUR command COMSEC inspections. USAREUR command COMSEC inspections will include the special interest items listed in (1) through (11) below. The inspections will include verification that-
(1) The CONAUTH conducts annual reviews and sends a Cryptonet Systems Evaluation Report (CER) RCS: CSGID-131, to the USACCSLA according to TB 380-41. The CONAUTH also sends a summary of each review to the USACCSLA. A copy should be in the COMSEC account files.
(2) The property-book officer (PBO) and user (hand-receipt holder) CCI records were inspected within the past 24 months. The records must comply with DA Pamphlet 25-380-2 and AR 710-2).
(3) The COMSEC custodian and alternate custodians are appointed according to AR 380-40 and this pamphlet.
(a) Appointees should receive on-the-job training before attending the U.S. Standardized COMSEC Custodian Course, INTEL 34 (app G).
(b) A commander must have approval from the course proponent (Commander, USAREUR/7A, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014) before appointing an individual who has not had the standardized COMSEC Custodian Course as a COMSEC custodian.
(4) Information on DA Form 2012 (COMSEC Account Data) is current according to TB 380-41, paragraph 2.12.4 (fig 4-2).
(5) DA Form 2012 with original signatures is on file, and copies are sent to the following addresses:
(a) Office of Record (USACCSLA) or the COMSEC Material Direct Support Activity (CMDSA), as applicable.
(b) USAREUR COMSEC Inspector (Commander, USAREUR/7A, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014).
(c) Commander, USATCMO-E, 11th Signal Detachment, ATTN: AFSE-CLC-CMO/5BE001, Unit 29802, APO AE 09058.
(d) Chief, United States Army Logistics Assistance Office-Europe (USALAO-E), ATTN: AMXLA-E-CCM, Unit 29331, APO AE 09266.
(e) Other command-channel addresses, as appropriate. Appendix H is a list of COMSEC addresses.
(6) DA Form 1999-R (Restricted Area Visitor Register (LRA) is closed out following the last entry for the calendar year as follows:
---------CLOSED OUT---------(Signature)---------(Date)-------
(7) DD Form 1999-R is filed according to AR 25-400-2 under-
(a) File No: 380-40e.
(b) Disposition: Destroy after 1 year.
NOTE: A DD Form 1999-R needed by investigators for an incident report or investigation will become part of the report or investigation. These forms will have the same disposition as the report or investigation.
(8) DD Form 1435 (COMSEC Maintenance Training and Experience Record) is updated annually (AR 25-12, para 4-4).
(9) COMSEC account has an internal, external, and key management SOP, as applicable.
(10) The COMSEC emergency plan was coordinated with other units and directorates on the installation to include the provost marshal, safety officer, and fire marshal. Coordination is on file.
(11) Documented proof (for example, the signatures of participating personnel including disinterested witnesses of the practice) is on file.
b. Individuals appointed as command COMSEC inspectors will--
(1) Meet the unwaived requirements for COMSEC custodians and have written appointments according to AR 380-40.
(2) Be familiar with COMSEC policy and procedures in AR 380-5, AR 380-40, TB 380-41, USAREUR Regulation 380-40, and this pamphlet.
(3) Be a graduate of the Standardized COMSEC Custodian Course (SCCC).
c. The command COMSEC inspector will send inspection reports to the inspected unit within 20 workdays after the inspection. The inspected unit has 45 calendar days to reply with corrective actions taken. When discrepancies cannot be adjusted within 45 days, an interim reply is required. The inspected unit will send a copy of the basic report and reply to the inspecting unit or investigator by the suspense date. The inspected unit will send a copy of the report and the reply to the commander of the next higher headquarters for review. The next-higher headquarters above the inspected unit will ensure that the corrective action will be completed or in progress before they endorse the reply through command channels to the inspecting office.
23. REVIEWS AND INVENTORIES
Periodic reviews will be according to AR 380-40 and TB 380-41.