B. Data is specific individual facts or a list of such items; facts from which conclusions can be drawn; any or all facts, numbers, letters, symbols, etc. that can be processed or produced by a computer.
C. Emergency access - acquisition of the plaintext information associated with ciphertext for which the decrypting key is not readily available.
D. Emergency access system (EAS) - includes the policies, procedures, and all emergency access components required to recover encrypted data.
E. Key - a parameter that determines the transformation from plaintext to ciphertext and/or vice versa.
F. Key component - one of at least two parameters having the format of a key that is combined with one or more like parameters to form a key.
G. Key encryption key - a key used exclusively to encrypt and decrypt keys.
H. Key Recovery Agent - company, individual and/or entity that runs an Emergency Access System.
I. Key Recovery Center - location from which keys are obtained, for the purpose of emergency access.
J. Owner of the data - to be determined for each pilot.
K. Session, as in session data, is a logical connection between two terminals; part of a message transmission when two parties are exchanging messages; that which takes place after a communications circuit has been set up and is functioning, and which ends when the circuit has been terminated.
B. The EAS shall implement procedures to recover from compromise of the confidentiality, integrity or availability of the EAS, subsystems, and keys and/or key components.
C. It should not be possible for an unauthorized person or process to alter, disable, bypass or corrupt an EAS, its subsystems or its components.
D. An EAS shall be designed and operated so that a failure by a single person, procedure, or mechanism does not compromise the confidentiality, integrity or availability of keys and/or key components or the EAS itself.
E. Unencrypted keys and/or key components shall be protected against modification, deletion and unauthorized disclosure while in storage, transmission or transfer.
F. The EAS shall ensure that each key recovery center (KRC) is uniquely identified. Encrypted data shall be bound to (associated with) the unique identity of the KRC and other information which is sufficient for the emergency access system to recover the encrypted data. This information shall be in an accessible format and occur with reasonable frequency to provide emergency access.
G. An EAS shall ensure emergency access to encrypted data without inducing errors, and without intruding upon or disrupting data system and/or storage service.
H. An EAS shall maintain data relating to emergency access events in sufficient detail for auditing by authorized officials or their representatives.
I. An EAS shall ensure that only the requested key and/or key component(s) shall be provided.
J. An EAS shall ensure that the decrypted data, and the key and/or key component(s) are obtainable in a timeframe reasonable to support federal government business operations.
K. An EAS shall enforce the start and end of a time interval for authorized access to stored data, session data, and/or multiple sessions of data.
L. In response to a proper, lawful authorization, an EAS shall be capable of providing more than one key and/or key component at once or over the authorized time interval, if appropriate.
M. An EAS shall be capable of providing the key and/or key component needed to decrypt the data regardless of whether the sender's or receiver's cryptographic product generated or received the ciphertext.
N. The EAS shall ensure that key and/or key components are provided only after authenticating the identity and authority of the requester, and in response to established mechanisms and/or procedures pursuant to proper, lawful authorization.
O. The EAS shall disclose keys and/or key components only to authorized requester(s).
P. The EAS shall ensure access to keys and/or key components for the life of the encrypted data. In addition, in the event an EAS subsystem or component dissolves or otherwise terminates emergency access operations, the emergency access capability shall be transferred to another EAS that meets the federal client's performance and security requirements.
Q. The EAS shall protect against disclosure of information to unauthorized entities regarding the identity of the person and/or organization whose key and/or key component(s) is requested, the fact that a key and/or key component was requested or provided, and the identity of the requester.
R. The Key Recovery Agent shall be a federal department or agency, or a U.S. registered company(ies), or through a U.S. treaty relationship.
S. The EAS' operating procedures shall designate an individual(s) responsible as security and operations officer(s); all EAS' shall designate individual(s) responsible for the security and the operations of their subsystems.
T. Non-Government entities performing EAS functions shall possess suitable evidence of corporate viability, e.g., a Certificate of Good Standing for the State of Incorporation, appropriate business registration documents, a credit report, errors and omissions insurance coverage.
U. The entities performing EAS functions shall certify compliance with all applicable federal, state, and local laws and regulations.
V. The EAS serving the U.S. Government business shall interoperate only with EAS' that meet these criteria.
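An added sketch, not part of the source criteria, of the "key component" definition and of requirements D and E: a key is split into XOR components so that no single custodian holds it, and a check value catches a missing or modified component at recombination. The XOR construction, the HMAC-based check value, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("components must have the same length as the key")
    return bytes(x ^ y for x, y in zip(a, b))

def check_value(key: bytes) -> bytes:
    """Short fingerprint stored beside the components (assumption: HMAC-SHA256
    over a fixed label, truncated to 6 bytes)."""
    return hmac.new(key, b"EAS-key-check", hashlib.sha256).digest()[:6]

def split_key(key: bytes, holders: int) -> tuple[list[bytes], bytes]:
    """Split key into `holders` components, each in the format of a key."""
    if holders < 2:
        raise ValueError("a key needs at least two components")
    # All but the last component are random; the last one makes the XOR
    # of all components equal the key, so any subset looks like random bytes.
    parts = [secrets.token_bytes(len(key)) for _ in range(holders - 1)]
    last = key
    for p in parts:
        last = xor_bytes(last, p)
    return parts + [last], check_value(key)

def combine_components(components: list[bytes], expected_check: bytes) -> bytes:
    """Recombine all components; reject the result if any one was altered."""
    if len(components) < 2:
        raise ValueError("at least two components are required")
    key = components[0]
    for c in components[1:]:
        key = xor_bytes(key, c)
    if not hmac.compare_digest(check_value(key), expected_check):
        raise ValueError("check value mismatch: missing or modified component")
    return key

def demo() -> bool:
    """Three hypothetical custodians; recovery with only two must fail."""
    key = secrets.token_bytes(16)            # constructed sample key
    comps, kcv = split_key(key, 3)
    assert combine_components(comps, kcv) == key
    try:
        combine_components(comps[:2], kcv)   # one custodian absent
    except ValueError:
        return True
    return False
```

XOR splitting is all-or-nothing: losing one component loses the key, so meeting the availability half of requirement D means backing up each component separately or using a threshold scheme instead.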