IDEF Token Control, v1.0
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-7: TOKEN CONTROL.
Assessment Step
|
1
Token Control (TokenControl)
Does the entity employ industry-accepted secure authentication protocols to demonstrate the user's control of a valid token?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) and supporting notes as appropriate to support the assessor's response to this assessment step.
|
Conformance Criteria (1)
|
Token Control
Entities that authenticate a USER MUST employ industry-accepted secure authentication protocols to demonstrate the user's control of a valid token.
Citation
IDEF
Page 30
|