U.S. Department of Transportation
Federal Aviation Administration
Privacy Impact Assessment
Logical Access and Authorization Control Service (LAACS)
February 10, 2009
TABLE OF CONTENTS
Overview of Privacy Management Process
Personally Identifiable Information (PII) and LAACS
Why LAACS Collects Information
How LAACS Uses Information
How LAACS Shares Information
How LAACS Provides Notice and Consent
How LAACS Ensures Data Accuracy
How LAACS Provides Redress
How LAACS Secures Information
How Long LAACS Retains Information
System of Records
The Federal Aviation Administration (FAA), within the Department of Transportation (DOT), has been given the responsibility to carry out safety programs to ensure the safest, most efficient aerospace system in the world. The FAA is responsible for:
- Regulating civil aviation to promote safety;
- Developing and operating a system of air traffic control and navigation for both civil and military aircraft;
- Developing and carrying out programs to control aircraft noise and other environmental effects of civil aviation; and
- Regulating U.S. commercial space transportation.
One of the programs that helps the FAA fulfill this mission is the Logical Access and Authorization Control Service (LAACS).
The LAACS system consists of hardware, software, human capital, business functions, processes, and informational functionality. The LAACS Support System Infrastructure (LSSI) provides access to the IBM Rational tool set through a VMware Virtual Desktop Interface (VDI). The VDI provides web enabled access to FAA users and Technical Center LAACS team members. The LSSI is a fully functional test environment that will support Identity Management System (IDMS), vendor solutions for FAA testing. Once an IDMS vendor is selected, LAACS will provide automated mechanisms to support the secure authentication of users to system resources and will provide a cohesive solution for the management of information system accounts across the enterprise.
It will consist of two major components: a metadirectory services component and a policy management services component. The latter is positioned on the Logical Access Control Policy Server (LACPS). The metadirectory services will provide the capability to reconcile logical identities across multiple internal and external authoritative identity databases, such as the FAA personal identification verification (PIV) authoritative database (PAD), Network Logon, Email access, Human Resources (HR), and Customer Relationship Management (CRM) databases. The coded tables directory services reconciliation will ensure compliance with HSPD-12 requirements. The LACPS will integrate multi-level authentication, with multi-role and attribute authorization, and multi-level asset audit security controls for the DOT and FAA internal and external access of data and systems. This will apply to all organizations or individuals, whether domestic or foreign, that interact or collaborate with either. LAACS is a non-mission critical system.
The LAACS system contains both personally identifiable information (PII) and non-personally identifiable information pertaining to personal identification verification (PIV) card enrollees. PII collected in the LAACS system may include but is not limited to the following:
- Name: First, Last, Middle Initial
- Employee ID Number
- Clearance Background Information
- Telephone Number
- Address: Business, Home
- Unique Identification (UID)
- Cardholder Unique Identifier (CHUID)
- X 509 data
- Finger Print data
- Physical Description data
An individual’s PII is entered into the LAACS system electronically during issuance of the FAA PIV Card. The data is transferred to LAACS from the PIV authoritative database PAD Customer Service Management (CSM) registration process database.
LAACS collects information in order to verify logical access to information resources.
Information in LAACS is used for individual authentication.
PII contained in LAACS is shared electronically with the PIV Card CSM database for validation and query purposes.
For an individual’s PII to be included in the LAACS, that individual must have completed the PIV card enrollment process and be approved by a FAA sponsor. During enrollment a FAA approved privacy statement is presented to every individual requesting a PIV card.
LAACS PII data is received through the electronic PIV Card enrollment process. LAACS protects the PII data by ensuring check sums are in place for certain PII data and labels.
Under the provisions of the Privacy Act, individuals may request searches of the LAACS file to determine if any records have been added that may pertain to them. This is accomplished by sending a written request directly to the LAACS program office that contains name, authentication information, and information regarding the request. FAA does not allow access through either the Internet or Intranet to the information stored in the LAACS Meta Directory.
Individuals requesting redress can contact the LAACS system Program Manager located at 600 Maryland Avenue Southwest, Suite 760-E, Washington, D.C. 20024
LAACS takes appropriate security measures to safeguard PII and other sensitive data. LAACS is located in a locked and secured environment, 24/7, and access is strictly controlled and monitored. Access to the data is strictly monitored and limited to individuals that have a “need to know” for access.
In addition, access to LAACS PII is limited according to job function. LAACS access control privileges are set according to the following roles:
- System Owner
- System Administrator
- LAACS Team Leads
- IDMS Integrator
The matrix below describes the levels of access and safeguards around each of these roles as they pertain to PII.
|User (Level 3)|
|User (Level 2)|
The information is retained at FAA Headquarters by the system administrators and Regional Administrators. When there is no longer disk space available on the monitors' hard disks, the files are released to the operating system for re-write. This means the files are ``marked'' internally as eligible for the computer operating system to overwrite with subsequent data. FAA will comply with requirements of the National Archives and Records Administration (NARA). NARA regulations state that electronic files created to monitor system usage are authorized for erasure or deletion when the agency determines that they are no longer needed for administrative, legal, audit, or other operational purposes. Generally, these (and any associated hard copy) files will be authorized for deletion after 30 days unless needed for official purposes. Not all locations at HQ or in the regions, will be collecting information at all times.
LAACS is a system of records subject to the Privacy Act because it is searched by a unique identifier. The Privacy Act System of Record is DOT/ALL 13 Internet/Intranet Activity and Access Records.