MSCA Accountability

Document ID : KB000012835
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Is there a way to force a user to logon with their own id to use the MSCA id in Top Secret and audit this event?

Similar to how you SU to an id in Unix.

We have a client that wants to implement controls surrounding the use of the MSCA id.

Right now if you logon and issue commands using the MSCA id, you can't tell who signed on with the MSCA id.

The Audit and Recovery file only shows the MSCA id being used to issue commands. We need to identify the person that used the MSCA id and audit that event.

Answer:

Currently, there is no built in functionality to track who uses the MSCA. Would suggest submitting it an enhancement .

Most sites log have a system where they check out the MSCA when they want to use it and check it in when they are done. Some have a manual process and some have an automated process.

A user written program could be written to force the user to signon, log the activity to some kind of dataset or log file, then generate a new MSCA password and give it to the user. When the user is done, another program could be created to reset the password to something else so it can no longer be used and log to a file or dataset that the MSCA was checked back in.