+CRY-11 Cryptographic Key Archival
---+CRY-11.01B

1. Übersicht

CRY-11 Cryptographic Key Archival

CRY-11.01B

The cloud service provider has documented and implemented procedures and technical safeguards for the secure archiving of cryptographic keys. These include:

1. Storage of archived keys in a repository to prevent unauthorised access;
2. Restriction of access to archived keys to authorised personnel based on the principle of least privilege;
3. Support of later recovery of information through archived keys;
4. Retention of archived keys only for as long as needed and secure destruction afterwards; and
5. Logging of all activities related to the storage and recovery of archived keys.

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen
Source	Anforderung

3. Related Regulations

Regulations
Source	Regulierung

Cloud Computing Compliance Criteria Catalogue (C5:2026) -
Copyright by Bundesamt für Sicherheit in der Informationstechnik (https://www.bsi.bund.de/)

https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html