| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an information system provides a single sign-on capability for organization-defined information system accounts and services.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for identification of actions not requiring identification or authentication as related to overall access control requirements.
|
1.0 |
|
Addresses the requirement for organization PKI certificate authorities (CAs) to require that the identification of Subscribers meet the requirements specified for Subscriber identification in the organization certificate policy.
|
1.0 |
|
Addresses the requirement that for organization PKI certificate authorities (CAs), the identification of Subscribers must meet the requirements specified for Subscriber identification in the X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA)
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization specifies which information system components carry out auditing activities.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with requirements individuals to identify themselves before being permitted to perform any actions set forth for their defined PKI roles or identity.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for identified account types as related to overall access control requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for identifier inactivity as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates with organization-defined external organizations for cross-organization management of identifiers.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system dynamically manages identifiers.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization manages individual identifiers by uniquely identifying each individual with an organization-defined characteristic identifying individual status.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that the registration process to receive an individual identifier be conducted in person before a designated registration authority.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires multiple forms of certification of individual identification be presented to the registration authority.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization prohibits the use of information system account identifiers that are the same as public identifiers for individual electronic mail accounts.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that the registration process to receive an individual identifier includes supervisor authorization.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for identifier reuse as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for identifier selection as related to overall identification and authentication requirements.
|
1.0 |
|
Addresses requirements for in-person identity proofing before a Trusted Agent of a PKI Registration Authority.
|
1.0 |
|
Addresses requirements for in-person identity proofing before a Federally certified entity.
|
1.0 |
|
Addresses requirements for in-person identity proofing before a state-certified entity.
|
1.0 |
|
Addresses requirements for in-person identity proofing before a PKI Registration Authority.
|
1.0 |
|
Addresses the requirement for an organization to record the identity information of sponsors for group PKI certificates before they are issued.
|
1.0 |
|
Addresses requirements for organizations to record the identity persons performing identity verification for PKI certificate issuance.
|
1.0 |
|
Addresses the requirement for organizations to require device PKI certificate subscribers to re-establish identity for re-keying through means commensurate with the certificate's strength.
|
1.0 |
|
Addresses the requirement for organizations to require PKI certificate subscribers to re-establish their identity through the organization's initial registration process.
|
1.0 |
