U BLACK--Designation applied to telecommunications and information systems, and associated areas, circuits, components, equipment, and wire lines in which only unclassified or encrypted signals are processed. Government employee who has met established certification requirements according to National Security Telecommunications and Information Systems Security Committee-approved criterions and has been appointed by a U. Government department or agency to fulfill CTTA responsibilities. U Compromising Emanation--Unintentional signals that, if intercepted and analyzed, would disclose the information transmitted, received, handled, or otherwise processed by information systems. U Countermeasures Review--The evaluation of the posture of a facility where classified national security information will be processed which identifies the vulnerabilities and threats and determines the required countermeasures.
|Published (Last):||21 August 2019|
|PDF File Size:||1.90 Mb|
|ePub File Size:||20.64 Mb|
|Price:||Free* [*Free Regsitration Required]|
Section B Organizational Roles and Responsibilities. Host Air Force Wing 8 Program Managers. Air Force Information Systems Users. Validation Requirements. Reassessing Requirements. Waivers, Deviations and Exceptions. The goal of IA is to assure the availability, integrity, and confidentiality of information and information systems. EMSEC addresses the confidentiality requirement. Compliance ensures appropriate measures are taken to protect all Air Force information systems and resources that will process classified information.
Applies to all information systems, including information system components of weapon systems, information systems that provide the management infrastructure and connections among other information systems, and networks that are used to process, store, display, transmit or protect DoD information, regardless of classification or sensitivity. This document is also binding on all users that operate, connect, or interact with information systems owned, maintained, and controlled by the DoD.
More restrictive DoD and Director of Central Intelligence Agency directive requirements governing Special Access Program information take precedence over this instruction.
The objective of EMSEC is to deny access to classified and, in some instances, unclassified but sensitive information and contain compromising emanations within an inspectable space. The term classified information, as used in this instruction, includes all these instances. This is accomplished by identifying requirements from the broader view of IA and providing the appropriate protection at the least possible cost.
The key to this is a partnership between the IA office and the user. These objectives will be met by provision of safeguard and their associated control collectively known as countermeasure. The user identifies the information systems that will process classified information; the volume, relative sensitivity, and perishability of the information; the physical control measures in effect around the area that will process classified information; and applies identified IA and EMSEC countermeasures.
Develops policies and procedures for communication enterprise operations and maintenance. Establishes Air Force EMSEC policy and doctrine, and coordinates with the other military departments and government agencies to eliminate duplication and to exchange technical data.
Periodically reviews this curriculum. Reviews, approves, or disapproves the installation plans that have EMSEC requirements when the installation is contracted.
Publications with special applications at bases outside the US will be identified. Distributes guidance on the domestic and foreign technical threat environment as provided by the CNSS. Provides information systems, communications systems, and cryptographic equipment testing and a quick reaction capability to support emergency testing of facilities. Provides a capability to test high value Air Force systems such as special air mission aircraft and strategic systems e.
Provides a testing and evaluation capability for Air Force information systems in a laboratory environment for zoning and profiling. This includes information systems under development and information systems embedded in weapons systems.
Implement and maintain required countermeasures for information systems that process classified information. Notify wing and regional civil engineers of any unique construction needed to support programs that process classified information. Implements ESIMs. Assists wing IA offices when requested.
Reviews all project support agreements PSA , project packages, and installation plans, including revisions, for facilities that process classified information. Host Air Force Wing. Provides IA support for non-Air Force units upon request.
Tenant units must follow Air Force regulations while on Air Force installations. Provides IA support for geographically separated units. Any unit not on an Air Force installation may request support from the nearest IA office. Units will provide funding for this support. Ensures an IA representative attends planning meetings for new equipment procurement, installation, or reconfiguration of existing facilities that process classified information. Assist the wing IA office to determine EMSEC requirements and, when required, cost estimates of required countermeasures for new facility construction or upgrade projects.
Makes EMSEC assessments of all information systems that process classified information on the base, including tenant and geographically separated organizations, unless there are other formal agreements see paragraph Receives validations and sends copy of validated countermeasures to the user.
Makes reassessments as required see paragraph Advises commanders, managers, supervisors, and users of countermeasures required to adequately protect classified information the countermeasures review and what deficiencies exist for their information systems the EMSEC inspection. Maintains a file of all active temporary and permanent waivers.
Provides 38th Engineering Installation Group and systems networking personnel with countermeasures requirements for information systems before engineering and installation begins.
Assists the wing civil engineer in planning new facilities, or reconfiguring existing facilities, that process classified information. Advises the wing civil engineer of any countermeasures requirements for new construction or upgrade projects. Reviews and approves required countermeasures for contractor facilities supporting wing contracts.
Helps the contracting officer obtain standards necessary for contractual compliance with EMSEC requirements. Reviews all PSAs, project packages, and installation plans, including revisions, for facilities that will process classified information, to include applicable EMSEC requirements. Assists users with the technical aspects of applying countermeasures. Contact the wing IA office for assistance when the need to process classified information arises. Implement required countermeasures.
Maintain countermeasures to as-applied or as-installed conditions. Section C - Policy The EMSEC process determines protective measures that will deny unauthorized personnel access to classified information and information collected from the intercept and analysis of emanations from information systems processing classified information.
Air Force organizations and contractors doing business as the Air Force, whether procuring or using information systems to process classified information, must apply EMSEC proportional to the threat of exploitation. They must consider the potential damage to national security if classified information is compromised. Paragraphs The user contacts the wing IA office whenever they intend to process classified information.
The user must do this before selecting the operational facility or room, beginning architectural engineering and facility design, procuring information systems, beginning engineering and installation, or processing classified information.
The required countermeasures are given to the user for application or implementation see paragraph The wing IA office inspects the application of countermeasures for correctness and effectiveness see paragraph Processing classified information without complying with the requirements in paragraphs This process determines the IA countermeasures and the need for EMSEC countermeasures for an information system that will process classified information.
If the information system will process classified information, the user must contact the wing IA office. All IA offices: Verify the basic assessment data equipment, location, and classification level annually. Document this as a note, dated and signed in block 6 of the AF Form This process determines the needed EMSEC countermeasures for an information system that will process classified information.
The CTTA must validate the EMSEC countermeasures reviews because of the costs involved in applying countermeasures to some facilities and the cost of some countermeasures.
Applying Countermeasures. Notify the wing IA office when completed. The user must correct deficiencies discovered by an EMSEC inspection or request a temporary or permanent waiver before processing classified information.
While operating under a temporary waiver, the system can only operate under interim approval. Reinspect during reassessments see paragraph Recertify during reassessments see paragraph Document the recertification by dating and signing the AF Form in or near the certification block of the AF Form If equipment is moved or added in an area where classified information is processed, whether the moved or added equipment processes classified information or not, it must be done meeting the established IA and EMSEC countermeasures.
Make a reassessment by reviewing and confirming the documented information. A new AF Form is not required for changes, such as equipment, office, room, or building changes that do not change the outcome of the EMSEC assessments or countermeasures reviews.
Make pen and ink changes instead. If the AF Form becomes illegible, reaccomplish the form. Document the reassessments by dating and signing the AF Form in or near the authentication and acknowledgement block of the AF Form This type of reassessment is allowed only once per tracking number.
If changes are required, use the template for a new AF Form and submit with a new number, noting in Block 5 that the new submission supersedes the old tracking number. Use this form to document and request either a temporary see Attachment 3 or permanent waiver see Attachment 4.
A separate form is required for each countermeasure to be waived. Initiate requests for waivers when needed through command EMSEC channels unless otherwise noted in this instruction. A copy of each temporary or permanent waiver must be filed with the documentation of the EMSEC assessments and countermeasures reviews.
Temporary Waiver. A temporary waiver allows the processing of classified information when the user is not able to implement or apply a required IA or EMSEC countermeasure. A temporary waiver is valid for 1 year to allow the user to accomplish the mission while they implement or apply required IA or EMSEC countermeasures. The following conditions must exist before processing a temporary waiver: Operation is required for mission accomplishment.
Processing a Temporary Waiver.
AFSSI 7700 Emission Security-2 OCT 07 (IC- 14 April 2009)