Index



USAREUR Pamphlet 380-40

Security

Communications Security (COMSEC) Custodian Guide

3 March 1997


This version includes change 1, 16 December 1997.


For the Commander in Chief:

ROBERT S. COFFEY
Major General, GS
Chief of Staff

Official:

Seal

ROBERT L. NABORS
Brigadier General, GS
Deputy Chief of Staff,
Information Management

Summary. This pamphlet is a guide for communications security account personnel in USAREUR. This pamphlet will be used with AR 380-40, USAREUR Regulation 380-40, and Technical Bulletin 380-41.

Applicability. This pamphlet applies to organizations and activities in USAREUR. This pamphlet also applies to units supported by USAREUR.

Forms. Only -R forms may be reproduced locally on 8½ - by 11-inch paper through the servicing forms management office. Other forms will not be reproduced; they will be ordered by the unit or organization publications officer from the United States Army Printing and Publications Center, Europe, or as stated in the prescribing directive.

Suggested Improvements. The proponent of this pamphlet is the Office of the Deputy Chief of Staff, Intelligence, HQ USAREUR/7A (AEAGB-CI-S, 370-7214). Users may send suggestions to improve this pamphlet on DA Form 2028 (Recommended Changes to Publications and Blank Forms) to the Commander, USAREUR/7A, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014.

Distribution. Distribute according to DA Form 12-88-E, block 0800, command level A.


CONTENTS

SECTION I
INTRODUCTION

SECTION II
PHYSICAL PROTECTION AND ACCOUNTABILITY OF COMSEC MATERIAL

SECTION III
PROTECTING COMSEC MATERIAL IN EMERGENCIES

SECTION IV
COMSEC FACILITIES

SECTION V
KEY MANAGEMENT

SECTION VI
INSPECTIONS, REVIEWS, AND INVENTORIES

SECTION VII
SURVEILLANCE

SECTION VIII
CONTROLLED CRYPTOGRAPHIC ITEMS

SECTION IX
DEPARTMENT OF THE ARMY CRYPTOGRAPHIC ACCESS PROGRAM

Appendixes
A. References
B. ACCLAIMS Instructions
C. Emergency Plan
D. Hand-Receipt Holder, User, and Witness Responsibilities
E. Sample Key Management Standing Operating Procedure
F. Command Inspections
G. Standardized COMSEC Custodian Course
H. Mail and Message Addresses
I. Sample COMSEC Incident or CCI Incident Report

Glossary


SECTION I
INTRODUCTION

1. PURPOSE
This pamphlet--

2. REFERENCES
Appendix A lists references.

3. ABBREVIATIONS AND TERMS
AR 380-19, AR 380-40, USAREUR Regulation 380-40, and publications listed in this pamphlet, appendix A, explain terms used in this pamphlet. The glossary defines abbreviations used in this pamphlet.

4. RESOLVING CONFLICTS

SECTION II
PHYSICAL PROTECTION AND ACCOUNTABILITY OF COMSEC MATERIAL

5. CONTROL OF CLASSIFIED COMSEC MATERIAL
Classified COMSEC material, when not stored according to AR 380-5, AR 380-40, USAREUR Regulation 380-40, and TB 380-41, will be in the physical possession of a properly cleared personnel.

6. ACCOUNTING LEGEND CODE (ALC) 3 MATERIAL
The Army is eliminating accounting legend code (ALC) 3 material from its inventory. The Army plans a time-phased transition from ALC 3 to ALC 1 or ALC 4. Army COMSEC accounts will not adhere to another service or joint-serve controlling authority (CONAUTH) instructions for the conversion of ALC 3 key unless specifically instructed by the United States Army Communications-Electronic Command, Communications Security Logistics Activity (USACCSLA).

NOTE: Short titles managed by non-Army controlling authorities are not affected by these instructions. The following procedure explains message, HQ USACCSLA, SELCL-KP-KEY, 171458Z April 1996, subject: Accounting Legend Code (ALC) 3 Material.

7. CONTROL OF TOP SECRET KEYING MATERIAL

8. TRANSPORTING COMSEC MATERIAL

9. COMSEC MATERIAL TURN-IN PROCEDURES


DEPARTMENT OF THE ARMY
444th MILITARY INTELLIGENCE BATTALION
UNIT 12345
APO AE 09000
AEAXX-XX1 November 1996
MEMORANDUM FOR Deputy Chief of Staff, Intelligence, USAREUR, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014
SUBJECT: Request for Exception to Policy to Transport Classified COMSEC Material Aboard Non-U.S. Flag Aircraft.
1. References:

    a. AR 380-40, Policy for Safeguarding and Controlling Communications Security (COMSEC) Material.

    b. USAREUR Regulation 380-40, Safeguarding and Controlling Communications Security Material.
2. According to the above references, request approval to courier Secret collateral keying material (USKAT-11111) aboard a non-U.S. flag aircraft to Zagreb, Croatia, to support Operation Joint Endeavor.
3. AR 380-40 allows USAREUR commanders to approve transporting COMSEC material on non-U.S. flag aircraft in an operational necessity. The AR restricts this approval to the lowest general-officer level.
4. The keying material is essential for mission-accomplishment. The material must be in the sight of the courier at all times.
NOTE: List information required in USAREUR Regulation 380-40, paragraph 7, here.
5. Point of contact is CW4 Robert Jones, 444-1111/2222.
FOR THE COMMANDER:
 JOHN H. WILLIAMS
Lieutenant Colonel, MI
Plans and Operations Officer
Figure 2-2. Sample Request to Courier Classified COMSEC Material Aboard Non-U.S. Flag Aircraft



SECTION III
PROTECTING COMSEC MATERIAL IN EMERGENCIES

10. PRIORITY FOR EMERGENCY-DESTRUCTION OF MATERIAL
TB 380-41 lists priorities for destroying classified and unclassified sensitive material (precautionary or total destruction) in emergencies.

11. COORDINATION AND APPROVAL
The COMSEC custodian will prepare an emergency plan according to TB 380-41, AR 190-13, USAREUR Regulation 190-13, and this pamphlet, for the installation physical-security plan (app C). Commanders will approve the plan after coordinating it with staff agencies. The plan will list organizations that must be notified during an emergency. A sample emergency plan is in this pamphlet, appendix C.

SECTION IV
COMSEC FACILITIES

12. ESTABLISHING COMSEC FACILITIES

13. MOSS HAMILTON X-07 LOCK
The Moss Hamilton X-07 Lock is the primary replacement lock for existing mechanical combination locks. This lock has three system selections.

14. COMSEC ACCOUNT DATA FORM
Figure 4-2 is a sample DA Form 2012 completed according to TB 380-41, paragraph 2.12.4.


DEPARTMENT OF THE ARMY
HEADQUARTERS, V CORPS
UNIT 29335
APO AE 09014
AETV-IM-CCMO (380-40a)1 November 1996
MEMORANDUM THRU Commander, (Your higher headquarters, mailing address) (Any thru lines must be initialed)
FOR Director, United States Army, Communications-Electronic Command, Communications-Electronic Command,
Communications Security Logistics Activity, ATTN: SELCL-KP-AU, Fort Huachuca, AZ 85613-7090
SUBJECT: COMSEC Facility Approval Request (CFAR)
1. References:

    a. AR 380-5, Department of the Army Information Security Program, 25 February 1988, appendix H.

    b. AR 380-40, Policy for Safeguarding and Controlling Communications Security (COMSEC) Material, 1 September 1994, chapter 4.

    c. TB 380-41, Procedures for Safeguarding, Accounting, and Supply Control of COMSEC Material, 1 October 1994, paragraph 2.1.2.
2. This command has a requirement to establish or update (as appropriate) a COMSEC facility.

    a. General Information:

      (1) Commander, V Corps
      ATTN: AETV-IM-CCMO/5CE016
      Unit 29335
      APO AE 09014

      (2) UIC: WCDWAA

      (3) Telephone Numbers: Commercial: 49-6221-57-5635, DSN: 370-5635/5634.

      (4) COMSEC Account Number: 5CE016. (to be announced (TBA), if account number not assigned)

      (5) Facility Location: Room 006, Basement Floor, Building 5, Campbell Barracks, Heidelberg, Germany. If requesting a safe as the facility state, "General Services Administration (GSA)-approved safe in room x."

      (6) Point of Contact: CW2 Rocha or SFC Morales (telephone number if different from (3) above).

      (7) Type of Request: Update or (Initial because of Establishment or Relocation).

      (8) Classification Information: Top Secret (TS) or (highest classification of material received or held).

    b. Purpose: Operations, distribution, maintenance, administrative, storage, or other, according to TB 380-41, para 2.1.2b. Indicate primary purpose (for example, storage, and distribution).

    c. General Cryptosystems: Use short-title of "System" on hand or authorized that the account will be supporting (for example, Vinson, mobile subscriber equipment (MSE), secure telephone unit-third generation (STU-III), KG-84, Global Positioning system (GPS)).

    d. Physical Security: Provide physical security description of the facility according to TB 380-41, paragraph 2.1.2d, and AR 380-5, appendix H. Also, identify any type of alarm system (for example, the building that will house COMSEC Account 5CE016 is of substantial brick masonry construction. The class "A" vault-type room has three rooms and an entry hall that meets the standards in AR 380-5, app H).

      (1) Walls: The perimeter walls are 8" thick and have three air vents and two windows. The air vents and windows are barred.

      (2) Floor: The floor is solid concrete with tile covering.

      (3) Ceiling: The ceiling is solid concrete.

      (4) Windows: This facility has two 17 1/2" X 26 1/2" windows. Each window has five vertical and three horizontal bars with a distance of 4 inches between them. The windows are mounted in the concrete wall.

      (5) Entry and Exit: This COMSEC facility has one, single reinforced, 3 inch-thick steel door with built-in three-position, group one, dial combination-lock, along with a steel day gate equipped with an electronic cipher lock used as entry and exit. Between the steel door and the day gate there is another door that has a dead bolt lock. The vault is also secured with a standard JSIIDS alarm system connected to the military police desk at the front gate of Campbell Barracks. The alarm is activated during non-duty hours. In the event of an alarm, security personnel can respond within 15 minutes.
NOTE: If request is for a TS facility, identify the provisions to store material, according to TPI. If facility is to be a GSA-approved safe, identify secondary barriers, include access control when container is open.
      (6) There are three rooms within the vault: a storage room between the first door and the day gate, the middle room that houses the safes, and the back room that is office space. There is also a hallway that houses a telephone distribution box for the building.

    e. Material and Equipment Security: (Describe protection of material during nonworking hours, according to TB 380-41, para 2.1.2e.) All classified and COMSEC material not under the direct continuous control of cleared and authorized personnel is stored in GSA-approved containers that are in the COMSEC facility.

      (1) Top Secret (TS) keying material is managed and stored in a no-lone zone. When not stored, TS material is handled according to two-person integrity (TPI) rules (in possession of two TS-cleared persons).

      (2) TS keying material is secured in a four-drawer, five-lock GSA-modified approved container. One of the five locks is identified as the "RED" side and another one as the "BLUE" side. The "BLUE" side has one Sergeant and Greenleaf three-position lock. The "RED" side has four Sergeant and Greenleaf padlocks located at each drawer (Federal Specifications FF-P-110 8077A).

    f. Standards Statement: Applicable standards can (or can not) be met for the storage and destruction of COMSEC material as required by TB 380-41, paragraph 2.1.2f.
FOR THE COMMANDER:
 GENE TYLER
Lieutenant Colonel, GS
Deputy Chief of Staff, Information Management
(CFAR must be signed by the commander or an authorized representative.)
AR 25-55, para 3-200, exemption 3a, prescribes protective markings.
(At a minimum, memorandum will be marked:)
FOR OFFICIAL USE ONLY
Figure 4-1. Sample COMSEC Facility Approval Request



15. IDENTIFYING COMSEC FACILITIES
A bilingual RESTRICTED AREA sign will be posted as prescribed in TB 380-41, chapter 5. AR 190-13, paragraph 6-4, and USAREUR Regulation 190-13, appendix E, prescribe formats for USAREUR RESTRICTED AREA warning signs. External signs will not identify COMSEC facilities.

16. USE OF CAMERAS, REPRODUCTION, AND ELECTRONIC EQUIPMENT IN COMSEC FACILITIES
Use of cameras and electronic equipment in COMSEC facilities is controlled by--

17. RELEASING COMSEC MATERIAL TO CONTRACTORS
The COMSEC supplement to the National Industrial Security Program Operating Manual (NISPOM) gives guidance for releasing COMSEC material to Government contractors. The statement "COMSEC material access by contractor personnel restricted to U.S. citizens holding final Government clearance" will be on the front cover of the COMSEC document. This statement must also be on the SF 153 after "NOTHING FOLLOWS".

18. CLOSING COMSEC ACCOUNTS
To close a COMSEC account, follow the guidance in TB 380-41, paragraph 2.14.

19. COMSEC SUPPORT MEMORANDUM OF AGREEMENT

SECTION V
KEY MANAGEMENT

20. KEY MANAGEMENT GUIDELINES


___________________________________________________________________________

       DIR USACCSLA FT HUACHUCA AZ//SELCL-KP-OR/SELCL-KP-
       KEY/SELCL-KP-IN//and controlling authorities (as 
       applicable).
 INFO: CDR (Headquarters of your command Inspector)
       (USAREUR major command)
       (Higher headquarters, as directed by unit SOP)
       DIR USACCSLA FT HUACHUCA AZ//SELCL-KP-AU//
       CUSALAO SECKENHEIM GE//AMXLA-E-CCM//
       CINCUSAREUR HEIDELBERG GE//AEAGB-CI-S/AEAIM-CO-SI/AEAGD-
       SM//
       CDR 66TH MI GP AUGSBURG GE//IAPG-SAS//
       DIRNSA FT GEORGE G. MEADE MD//V51A/Y132/V61//
       NCEUR VAIHINGEN GE//F29//
       USATCMO-EUR 11TH SIG DET MANNHEIM GE//AFSE-CLC-
       CMO/5BE001//(others optional, as appropriate)

SUBJECT: Request Closure of COMSEC Account (account number)
___________________________________________________________________________

Figure 4-3. COMSEC Account Closure Message Addresses

21. MANDATORY RECALL OF KEY STORAGE DEVICE-64 (KSD-64)

SECTION VI
INSPECTIONS, REVIEWS, AND INVENTORIES

22. COMMAND COMSEC INSPECTIONS
The command COMSEC inspector will conduct command COMSEC inspections for each COMSEC account and subaccount as prescribed in AR 380-40 and USAREUR Regulation 380-40. The unit commander will appoint a command COMSEC inspector.


___________________________________________________________________________

                            MEMORANDUM OF AGREEMENT

                                    BETWEEN

                              (Supported Activity)

                                      AND

                              (Supporting Activity)

                       COMSEC MATERIAL HAND-RECEIPT SUPPORT


1. PURPOSE. This memorandum of agreement (MOA) establishes an agreement 
between the (supported activity) and the (supporting activity), identifies 
resources involved, and delineates responsibilities of each signatory for 
communications security (COMSEC) material hand-receipt support. This MOA is 
a mutual commitment to ensure COMSEC material is issued by (supporting 
activity) as COMSEC custodian on hand-receipt to the (supported activity) 
and, once received, the COMSEC material is used properly, stored (when not 
is use by appropriately cleared authorized persons), and accounted for as 
prescribed in policy and procedures applicable to the material involved.

2. REFERENCES.

   a. AR 380-40, Policy for Safeguarding and Controlling Communications 
Security (COMSEC) Material, 1 September 1994.

   b. DA Pam 25-16, Security Procedures for the Secure Telephone Unit, 
Third Generation (STU-III), 1 April 1993.

   c. DA Pam 25-380-2, Security Procedures for Controlled Cryptographic 
Items, 10 January 1991.

   d. TB 380-41, Procedures for Safeguarding, Accounting, and Supply 
Control of COMSEC Material, 29 September 1995.

   e. USAREUR Regulation 380-40, Safeguarding and Controlling 
Communications Security Material, 2 May 1996.

   f. Publications identified in AR 380-40, appendix A, that are relevant 
to material being hand-receipted.

   g. Other: (add appropriate references)

3. BACKGROUND.

   a. Army elements authorized COMSEC material normally obtain direct 
support by establishing a COMSEC account, according to TB 380-41. When 
establishing a COMSEC account, the commander must select and appoint a 
COMSEC custodian and at least one alternate custodian. Once appointed, the 
custodian is responsible for the safeguarding, controlling, and accounting 
for COMSEC material. COMSEC accounts are subject to various inspections, 
audits, and inventories.

   b. The amount and type of COMSEC support required and personnel 
resources available may make establishing a COMSEC account impractical or 
economically impossible. An alternative to establishing a COMSEC account is 
to obtain required COMSEC material on hand-receipt from an established 
COMSEC account, preferably one within the same chain of command. Hand-
receipt holders must safeguard, control, and account for COMSEC material 
in their care. Hand-receipt holders of COMSEC material have fewer and less 
time-consuming responsibilities than a COMSEC custodian.

   c. Timely compliance with established policy and procedures and 
cooperation between the custodian and the hand-receipt holder are essential 
for long-term support.

4. SCOPE. This MOA implements the agreement for (supporting activity) to 
issue COMSEC material to the (supported activity).

5. RESPONSIBILITIES.

   a. The (supporting activity) will-

     (1) Provide COMSEC material support for hand-receipt holders upon 
request.

     (2) Conduct oversight visits to the (supported activity) as required 
to ensure the hand-receipt holder is properly using, safeguarding, 
controlling, and accounting for COMSEC material according to AR 380-40, TB 
380-41, and USAREUR Regulation 380-40.

     (3) Issue guidance (including SOP) and provide advice and assistance 
as required to the hand-receipt holder.

     (4) Hand-receipt COMSEC material only to persons designated by the 
supported commander or responsible official.

     (5) Notify the supported commander or other responsible official at 
the supported command when conditions or circumstances require attention.

     (6) Provide the supported commander written notification a minimum of 
60 days before termination of hand-receipt.

   b. The (supported activity) will-

     (1) Provide (supporting activity) a current listing of required COMSEC 
material.

     (2) Comply with Army policies and procedures and (supporting activity) 
SOP applicable to using, safeguarding, controlling, and accounting for 
COMSEC material.

     (3) Provide (supporting activity) a list of cleared personnel 
authorized to sign for COMSEC material under this MOA and update this list 
as required to ensure it is current.

     (4) Establish written procedures to ensure hand-receipt holders clear 
their hand-receipts with (supporting activity) before permanent change of 
station or reassignment to other duties.

     (5) Promptly notify (supporting activity) when COMSEC material is 
lost, out of control, misused, or otherwise subjected to a possible 
insecurity.

     (6) Be prepared to establish an organic COMSEC account, or to begin 
receiving COMSEC support from an alternate source, within 60 days of 
written notification by (supporting activity) that COMSEC hand-receipt 
support under this MOA will be terminated.

6. REVIEW AND REVISION.

   a. This agreement will be reviewed yearly. Review will be initiated by 
(supporting activity) within 90 days of the first anniversary date.

   b. Either agency may propose revision of this MOA at any time. 
Additionally, the MOA will be amended, as necessary, to comply with 
regulatory changes or changes in mission needs of either party.

7. EFFECTIVE DATE AND TERMINATION. This agreement will become effective on 
signature by the Commander, (supporting activity), and the Commander, 
(supported activity), and remain in effect for 3 years, unless extended or 
terminated.


X_________________________          X_________________________
(Signature)                          (Signature)

SIGNATURE BLOCK                      SIGNATURE BLOCK
CDR, (supporting activity)           CDR, (supported activity)

___________________                  __________________
(date)                               (date)
___________________________________________________________________________

Figure 4-4. Sample MOA for COMSEC Hand-Receipt Support


___________________________________________________________________________

To:     EKMS Central Facility
ATTN:   Custodian CA 880103
        P.O. Box 718
        Finksburg, MD 21048-0718

From:   CDR, 181st Signal Company
ATTN:   CA 999999
        CMR 420
        APO AE 09014

       Total number of excess devices returned from my account: 
____________________. These keys have been removed from their terminals or 
zeroized. If not used in the STU-III program, the keys have been zeroized 
three times each.

FOR THE COMMANDER:



                                JOHN Q. PUBLIC
                                Staff Sergeant
                                Custodian CA 999999
___________________________________________________________________________

Figure 5-1. Format for Returning Zeroized Key

NOTE: A DD Form 1999-R needed by investigators for an incident report or investigation will become part of the report or investigation. These forms will have the same disposition as the report or investigation.

23. REVIEWS AND INVENTORIES
Periodic reviews will be according to AR 380-40 and TB 380-41.