| Trustmark Definition Name | Version |
|---|---|
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement INTEROP-2: THIRD-PARTY CREDENTIALS.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-8: THIRD-PARTY LIMITATIONS.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-7: TOKEN CONTROL.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-10: UPTIME.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement USABLE-2: USABILITY ASSESSMENT.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement USABLE-6: USABILITY FEEDBACK.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement USABLE-1: USABILITY PRACTICES.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-6: USAGE NOTICE.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-7: USER DATA CONTROL.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-9: USER NOTICE OF CHANGES.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-10: USER OPTION TO DECLINE.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement INTEROP-7: USER REDRESS.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement USABLE-7: USER REQUESTS.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for identification and authentication of organizational users as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system accepts and electronically verifies Personal Identity Verification-I (PIV-I) credentials.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements multifactor authentication for local access to non-privileged accounts.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements multifactor authentication for local access to privileged accounts.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements multifactor authentication for network access to non-privileged accounts.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements replay-resistant authentication mechanisms for network access to non-privileged accounts.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements multifactor authentication for network access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access and the device meets organization-defined strength of mechanism requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements replay-resistant authentication mechanisms for network access to privileged accounts.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements multifactor authentication for network access to privileged accounts such that one of the factors is provided by a device separate from the system gaining access and the device meets organization-defined strength of mechanism requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements organization-defined out-of-band authentication under organization-defined conditions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements multifactor authentication for remote access to privileged and non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access and the device meets organization-defined strength of mechanism requirements.
|
1.0 |
