Year
2006
Abstract
Several systems have been used to automatically accept declarations of activities from the operator of a monitored facility, allowing declarations to be accepted and logged in without the need for an inspector being present. Many of these systems have been referred to as “mailboxes,” which is a useful term to visualize the concept of the systems operation. In its simplest form, the mailbox can be a locked box into which the operator deposits a signed and dated hard copy of the declaration. The inspecting agency has the key to the box, and an inspector collects the declarations on a regular basis. This approach is inadequate for several reasons. The most important of these is that the inspecting agency does not know the time that the declaration was made; only that it was made at some time between mail pickups. If there was a significant span of time between pickups, this could allow the operator to prepare all of the declarations just before the inspector arrives instead of making the agreed-upon periodic declarations. In addition, the data must be copied from the declaration form into a computer, which requires a significant amount of labor and the possibility of transcription errors is always present. Mailboxes have taken various forms at different facilities. It was realized several years ago that modern cryptographic protocols could greatly simplify the mailbox process while improving security. Also a common standards-based approach is considered desirable since it can leverage commercial off-the-shelf software often found and used by facility operators. A robust system that can accommodate a wide range of requirements and provide a means of resolving conflicts is necessary. This paper describes the requirements of such a system and discusses how the system can be implemented. The software required by operators and state systems are readily available from multiple sources, but a small amount of custo