Browse the Archive

Why Have Names Changed in SEARCHLIGHT? (repost)

Collapse Details
/2
1/2

DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL (U//FOUO) Why Have Names Changed in SEARCHLIGHT? (repost) FROM: SIGINT Communications Unknown Run Date: 05/30/2003 (U//FOUO) You may have noticed that many names are now appearing differently in SEARCHLIGHT-- often middle initials have been replaced with the person's full middle name. Why is it happening, and how can you have your entry changed if it is not appearing correctly? We'll get to the "why" a little later, but first the "how": If your middle name now appears in full and used to be just an initial, you cannot have it changed back to just the initial. If an incorrect middle name is now appearing, you can have it changed by contacting "ISMT" ( nsa or DL ISMT). (U//FOUO) Now on to the "why": CONCERTO is the Agency's personnel system. Most of your personnel information is in what we'll call the "HR" part of CONCERTO. This is what you, your supervisor, and other authorized people see when you log into CONCERTO and look at your profile. Stuff like your awards, past assignments, etc. is in there. Obviously your name and your SSN are part of HR CONCERTO for identification purposes. There is also a SECURITY part of CONCERTO. This is where your clearances, etc. are kept. Your name and SSN are also part of SECURITY CONCERTO for identification purposes. The two parts of CONCERTO are kept separate for obvious security reasons, but "Mary Jane Smith" with SSN: 123-456-7890 in HR CONCERTO is the same person as "Smith,Mary Jane" with SSN: 123-456-7890 in SECURITY CONCERTO. (U//FOUO) SEARCHLIGHT is the Agency's corporate directory service. The "registration" of your name and SSN in SEARCHLIGHT (for those of you whose SEARCHLIGHT records are marked "confirmed") originated in the HR CONCERTO. In HR CONCERTO, middle initials tend to be more prevalent than middle names. So "Mary Jane Smith" may have appeared in SEARCHLIGHT as "Mary J. Smith". (U//FOUO) ...ENTER THE PKI CERTIFICATE: (U//FOUO) A required part of creating the PKI certificate, which is used to electronically identify you, is the inclusion of your full name. Because your PKI will be used for identification in electronic systems and exchanges (such as e-mail), the corporate directory system, SEARCHLIGHT, must now have you registered with your full name. Part of your PKI certificate also includes your security credentials and the official source of this information is SECURITY CONCERTO. To get your PKI certificate, your full name must be in SEARCHLIGHT and must match your full name in SECURITY CONCERTO. So, in order to get a PKI certificate, "Mary J. Smith" in SEARCHLIGHT must be changed to "Mary Jane Smith." In addition, for those people who did not already have a PKI certificate by March 2003, it is important to know that the name change has already occurred in SEARCHLIGHT. For those who already had a PKI certificate at that time, the name change has been delayed until it is time to renew the PKI certificate. When those people renew their PKI certificate, a process will be triggered to automatically change their SEARCHLIGHT name to match their SECURITY CONCERTO name. If there are any differences between the way names are stored in SEARCHLIGHT and HR CONCERTO, those differences will have to be resolved by contacting Security Information, Q235 with an email to "ISMT" (as noted above). (U//FOUO) NAME DIFFERENCES IN PREVIOUSLY EXISTING CERTIFICATES: (U//FOUO) Many of you who have previously received your PKI certificates, did so with your name in SEARCHLIGHT at a time, and in a format, which preceded the "rollover" of names from SECURITY CONCERTO. If they were different, that immediately created a mismatch between the PKI and SEARCHLIGHT names, which equated to an identity failure and a subsequent PKI

certificate revocation. However, prior discussions recognized this problem and the subsequent impracticality of multiple revocations throughout the agency. It was consequently decided that existing, valid PKI certificates which would encounter this condition would not be revoked, but rather allowed to continue existing until their normal expiration date. The requirement for full identity validation would then occur at renewal time, ultimately bringing everything in line and eliminating the need for numerous immediate reapplications in the meantime. (U//FOUO) For further information, see an announcement in What's New in SEARCHLIGHT . Contributors to article: CRD Communications , Concerto Representative , Searchlight Representative "(U//FOUO) SIDtoday articles may not be republished or reposted outside NSANet without the consent of S0121 (DL sid comms)." DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL DERIVED FROM: NSA/CSSM 1-52, DATED 08 JAN 2007 DECLASSIFY ON: 20320108

Filters SVG