Federal Highway Administration (FHWA), within the Department of Transportation (DOT), has been given the responsibility of enhancing the highway movement of people and goods, while also ensuring the safety of the traveling public, promoting the efficiency of the transportation system, and protecting the environment. To meet these goals, FHWA maintains effective communication with other federal agencies, state and local organizations, and members of Congress. With security always foremost in mind, as FWHA has automated much of this information sharing it also has implemented strict safeguards to protect against unauthorized or unintentional information exchange. The User Profile and Access Control System (UPACS) is one tool that helps FHWA accomplish this.
UPACS is a Web-enabled system designed to set and manage appropriate access to various FHWA systems, as well as detect unauthorized access. To do this, UPACS maintains a record of permissions, contact information, and other related data on each user that FHWA has determined requires access to one or more FHWA systems. When a user attempts to access an FHWA system, UPACS interfaces with the system in question, exchanging data that the system needs to permit or refuse access. UPACS logs also provide FHWA the information regarding access attempts it needs to monitor system usage adequately and identify possible unauthorized access incidents or security breaches. Additionally, in an effort to reduce data duplication with other systems, FHWA uses UPACS data to print telephone lists and provide other data in accordance with predefined and acceptable uses, outside of access control. With UPACS, FHWA can strike an effective balance between efficient information sharing and adequate security.