Kennedy Space Center to launch access system

The Kennedy Space Center soon will become the first NASA center to install an advanced automated system to request and approve security credentials for visitors center employees and contractors.

Kennedy officials plan to solicit proposals early next year for a new database and software application for the Personnel Access Security System (PASS) a centralized repository that will contain up to 32 000 records for individuals who require regular access to the center and up to 90 000 visitor records.

PASS will eliminate the center's paper-based system for receiving and approving visitor-pass requests and controlling employee and contractor access to restricted areas said John Hedrick lead software design engineer in Kennedy's engineering department. Although the Naval Command Control and Ocean Surveillance Center in San Diego has deployed a similar access system PASS will be NASA's first automated personnel security system he said.

Obtaining a Visitor's Pass Members of the public who wish to visit the center can request via the World Wide Web a visitor's pass from the PASS database which will interface with an existing system to allow an automated response to the request Hedrick said. Currently eight people review visitor-pass requests.

The system which will feature user-password and encryption technology to ensure that sensitive data is restricted to users with proper clearance also will automatically approve or delete employee and contractor access to restricted areas Hedrick said. Although Kennedy officials have not finalized plans for the software application development work for PASS the database development work will be contracted out as a single award he said.

Because the scope of the work has not yet been defined Hedrick could not provide an estimated value of the contract. The system also will include a commercial off-the-shelf digital-imaging system for employee badge production.

Thomas Beadle technical director for commands technology and intelligence integration at Mitre Corp.'s McLean Va. office said the concept of users obtaining access to a single database via a public network was unthinkable to many federal users until a couple of years ago.

However government officials recently have become more willing to accept some of the risks associated with this type of access system according to Beadle. "The concept of having one database allow different levels of access is something that the government has been trying to do for years and they haven't gotten there yet " Beadle said.

Higher Security In the past the main barrier to launching this type of system has been the difficulty in properly labeling data to reflect the authorization a user needs to access it Beadle said. However many system designers allowing user access via the Web see databases as providing an additional level of security said Jackie McAlexander senior system engineer with Informix Software Inc.'s Federal Division.

While a Web server can require a user name and password for low-level access - such as allowing access to a Web page - that user name and password can be passed on to a database to determine what level of data a user is authorized to view she said.

Historically most databases have granted "discretionary access" to users by system administrators who control which users will be allowed or restricted from seeing certain information McAlexander said.

The more advanced databases such as the type NASA will be purchasing feature automated access granted by the system itself. "It takes the discretion out of the equation " she said.