ML041740349
| ML041740349 | |
| Person / Time | |
|---|---|
| Site: | Perry  |
| Issue date: | 05/26/2004 |
| From: | Kanda W FirstEnergy Nuclear Operating Co |
| To: | Document Control Desk, Office of Nuclear Reactor Regulation |
| References | |
| PY-CEI/NRR-2801L, RIS-02-015 | |
| Download: ML041740349 (2) | |
Text
FENOC Perry Nuclear Power Plant 10 Center Road FirstEhergy Nuclear Operating Company Perry Ohio 44081 MY=1iam R. Kanda 440-280-5579 Vice President -Nuclear Fax: 440-280-8029 May 26, 2004 PY-CEI/NRR-2801 L United States Nuclear Regulatory Commission Document Control Desk Washington, D.C. 20555-0001
References:
- 1. 10 CFR 73.21
Subject:
Use of Encryption Software for Electronic Transmission of Safeguards Information Perry Nuclear Power Plant Docket No. 50-440 Ladies and Gentlemen:
Pursuant to the requirements of 10 CFR 73.21 (g)(3), the FirstEnergy Nuclear Operating Company (FENOC), on behalf of the Perry Nuclear Power Plant (PNPP), requests approval to process and transmit Safeguards Information (SGI) using PGP Software (Enterprise, Corporate, or Personal) Desktop Version 8.0 or the latest validated version, developed with PGP Software Developer's Kit (SDK) Version 3.0.3. National Institute of Standards and Technology (NIST) Certificate 394 validates compliance of this SDK with Federal Information Processing Standard (FIPS) 140-2 requirements.
An information protection system for SGI that meets the requirements of 10 CFR 73.21(b) through (i) has been established and is being maintained. Prior to the first use of encryption software for SGI material, written procedures shall be in place to describe, as a minimum:
access controls; where and when encrypted communications can be made; how encryption keys, codes and passwords will be protected from compromise; actions to be taken if the encryption keys, codes or passwords are, or are suspected to have been, compromised (for example, notification of all authorized users); and how the identity and access authorization of the recipient will be verified.
FENOC intends to exchange SGI with the NRC, Nuclear Energy Institute (NEI), and other SGI holders who have received NRC approval to use PGP software. Mr. Daniel L. Craine, Supervisor - Nuclear Security Support Services, is responsible for the overall implementation of the SGI encryption program at PNPP. Mr. Gary Garrett, FENOC Information Technology Business Systems - Manager, will be responsible for collecting, safeguarding, and disseminating the software tools needed for encryption and decryption of SGI.
May 26, 2004 PY-CEI/NRR-2801 L Page 2 of 2 Pursuant to 10 CFR 73.21 (g)(3), the transmission of encrypted material to other authorized SGI holders, who have received NRC approval to use PGP software, would be considered as protected telecommunications. The transmission and dissemination of unencrypted SGI is subject to the provisions of 10 CFR 73.21 (g)(1) and (2).
Should you have questions or require additional information, please contact Mr. Vernon K. Higaki, Manager - Regulatory Affairs, at (440) 280-5294.
Very truly yours, cc:
NRC Region IlIl NRC Project Manager NRC Resident Inspector Scott Morris, NRC/NISR Lynn Silvious, NRC/NSIR Louis Grosman, NRC/OCIO James Davis, NEI