Trustmark Definition Name | Version |
---|---|
Defines conformance and assessment criteria for verifying that an information system provides the means for authorized individuals to determine the identity of the producer of the information. | 1.0 |
Defines conformance and assessment criteria for verifying that an information system maintains reviewer/releaser identity and credentials within the established chain of custody for all information reviewed or released. | 1.0 |
Defines conformance and assessment criteria for verifying that an information system validates the binding of the information producer identity to the information at an organization-defined frequency. | 1.0 |
Defines conformance and assessment criteria for verifying that an information system validates the binding of the information reviewer identity to the information at the transfer or release points prior to release/transfer between organization-defined security domains. | 1.0 |
When a federation proxy maps a user identifier to a pseudonymous identifier for consumption within a federation that uses pseudonymous identifiers, the proxy must not divulge this mapping except where it is necessary for legal reasons or to the proxied user if he or she requests this information. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization requires the approval of each nonlocal maintenance session by organization-defined personnel or roles. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization reviews the records of the maintenance and diagnostic sessions. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization audits nonlocal maintenance and diagnostic sessions for organization-defined audit events. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization protects nonlocal maintenance sessions by separating the maintenance sessions from other network sessions with the information system by logically separated communications paths based upon encryption. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization protects nonlocal maintenance sessions by separating the maintenance sessions from other network sessions with the information system by physically separated communications paths. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization protects nonlocal maintenance sessions by employing organization-defined authenticators that are replay resistant. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization requires that nonlocal maintenance and diagnostic services be performed from an information system that implements a security capability comparable to the capability implemented on the system being serviced. | 1.0 |
Defines conformance and assessment criteria for verifying that an information system implements cryptographic mechanisms to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization documents in the security plan for the information system, the policies and procedures for the establishment and use of nonlocal maintenance and diagnostic connections. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization notifies organization-defined personnel or roles of the date and time of planned nonlocal maintenance. | 1.0 |
Defines conformance and assessment criteria for verifying that an information system implements remote disconnect verification at the termination of nonlocal maintenance and diagnostic sessions. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization removes the component to be serviced from the information system prior to nonlocal maintenance or diagnostic services, sanitizes the component (with regard to organizational information) before removal from organizational facilities, and after the service is performed, inspects and sanitizes the component (with regard to potentially malicious software) before reconnecting the component to the information system. | 1.0 |
This Trustmark Definition defines requirements for PKI Certificate Authorities to provide notice of disasters where the organization's Principal CA's signature keys are destroyed. | 1.0 |
This Trustmark Definition defines requirements for PKI Certificate Authorities to provide notice of disasters causing physical damage to the organization's Principal CA installation. | 1.0 |
Addresses the requirement for notification of lost or compromised PKI Certificate Authority signing keys. | 1.0 |
Defines conformance and assessment criteria for compliance with minimum security requirements for notification of sanctions as related to overall personnel security requirements. | 1.0 |
This Trustmark Definition defines requirements for PKI Certificate Authorities to provide notice of termination of operation. | 1.0 |
Addresses the requirement that organization PKI certificate authorities (CAs) perform subscriber notification in accordance with the U.S. Government Public Key Infrastructure Cross-Certification Criteria and Methodology. | 1.0 |
Addresses the requirement for organization PKI certificate authorities (CAs) to notify the Federal Public Key Infrastructure Policy Authority (FPKIPA) upon issuance of new inter-organizational CA cross-certificates. | 1.0 |
Addresses requirements for off-site storage of PKI records archive media. | 1.0 |