IDEF Credential Protection, v1.0
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-4: CREDENTIAL PROTECTION.
Assessment Step
1
Credential Protection (CredentialProtection)
Does the entity implement industry-accepted data integrity practices to enable individuals and other entities to verify the source of credential and/or token data for the credentials and/or tokens that it issues and/or manages?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) and supporting notes as appropriate to support the assessor's response to this assessment step.
|
Conformance Criteria (1)
Credential Protection
Entities that issue or manage credentials and tokens MUST implement industry-accepted data integrity practices to enable individuals and other entities to verify the source of credential and token data.
Citation
IDEF
Page 27
|