29 May 1999
Source: http://www.access.gpo.gov/su_docs/aces/fr-cont.html

See full report of this excerpt: http://jya.com/s1059-pigs.zip

And report of Defense authorization bill: http://jya.com/hr106-162.zip

-----------------------------------------------------------------------

[Congressional Record: May 27, 1999 (Senate)]

        NATIONAL DEFENSE AUTHORIZATION ACT FOR FISCAL YEAR 2000

  The PRESIDING OFFICER. Under the previous order, the Senate will now
resume consideration of S. 1059, which the clerk will report.
  The legislative assistant read as follows:

       A bill (S. 1059) to authorize appropriations for fiscal
     year 2000 military activities of the Department of Defense,
     for military construction, and for defense activities of the
     Department of Energy, to prescribe personnel strengths for
     such fiscal year for the Armed Forces, and for other
     purposes.

[Excerpt]

  Mr. MURKOWSKI. 
  Regarding the waiver, we have learned that on March 22, 1995, the Los
Alamos Lab issued a policy to all employees, including Wen Ho Lee,
stating that ``the laboratory or Federal Government may without notice
audit or access any user's computer.''
  On April 19, 1995, Wen Ho Lee signed a waiver at the DOE Lab to allow
his computer to be accessed. This is the actual copy of the waiver that
Wen Ho Lee signed on April 19, 1995.
  Mr. President, I ask unanimous consent that the ``Rules of Use''
which Wen Ho Lee signed be printed in the Record.
  There being no objection, the material was ordered to be printed in
the Record, as follows:

                              Rules of Use

                   x-division open local area network

       WARNING: To protect the LAN systems from unauthorized use
     and to ensure that the systems are functioning properly,
     activities on these systems are monitored and recorded and
     subject to audit. Use of these systems is expressed consent
     to such monitoring and recording. Any unauthorized access or
     use of this LAN is prohibited and could be subject to
     criminal and civil penalties.
       Passwords. User passwords are assigned by the X-Division
     Computing Services (XCS) Team. Exceptions may only be granted
     by the CSSO. Users may not use their unclassified ICN
     password. Passwords must be changed each year in cooperation
     with an Open LAN Computer Security Officer or network
     administrator. Passwords will not be given out or shared with
     any other person. Users may not change their passwords. Users
     will protect passwords according to Laboratory requirements.
       Classified Computing. No classified information or
     computing is allowed on the X-Division Open LAN.
       User Responsibilities. Users are responsible for:
       Ensuring that information, especially sensitive
     information, is properly protected.
       Restricting access to their workstation or terminal when it
     is not attended. The workstation or terminal should be set to
     a state where a user password is required to gain access
     (e.g., lockscreen software) or the office door is locked.
       Using the X-Division Open LAN only for official business
     purposes.
       Properly reviewing, marking, protecting, accounting for,
     and disposing of their computer output containing sensitive
     unclassified information. See X-Division Guidance on
     Computers, available from the XCS Team, for more information.
       Properly labeling and logging of all recording media,
     including local storage devices. See X-Division Guidance on
     Computers for more information.
       Installing and using virus control programs, if applicable
     to their system.
       Reporting security-related anomalies or concerns to the X-
     Division Computer Security Officers.
       Promptly reporting changes in the location, ownership, or
     configuration of their workstation to the X-Division
     Computing Services Team.
       Promptly registering all computer systems (open,
     classified, standalone, networked, and portable) with the X-
     Division Computing Services Team to comply with DOE and
     Laboratory orders.
       Posting their Rules of Use and workstation information
     addendum next to their workstations.
       User Restrictions. Users are not permitted to:
       Use a workstation or terminal to simultaneously access
     resources in different security partitions. Workstations
     which move between different security partitions must be
     sanitized according to the X-Division Computer Sanitization
     Policy which must be posted next to such workstations.
       Install or modify software which has an adverse effect on
     the security of the LAN.
       Add other users or systems without the prior approval of an
     X-Division Computer Security Officer.
       I understand and agree to follow these rules in my use of
     X-Division OPEN LAN. I assume full responsibility for the
     security of my workstation. I understand that violations may
     be reported to my supervisor or FSS-14, that I may be denied
     access to the LAN, and that I may receive a security
     infraction for a violation of these rules.
       Signed: Wen Ho Lee.
       Date: April 19, 1995.

-----
