Trustmark Definitions (226-250 of 3493)

Trustmark Definition Name Version
Defines conformance and assessment criteria for verifying that an organization correlates information from nontechnical sources with audit information to enhance organization-wide situational awareness.
1.0
Defines conformance and assessment criteria for verifying that an organization correlates information from audit records with physical access information/records.
1.0
Defines conformance and assessment criteria for verifying that an organization performs a full text analysis of audited privileged commands in a physically distinct component or subsystem of the information system, or other information system that is dedicated to that analysis.
1.0
Defines conformance and assessment criteria for verifying that an organization integrates analysis of audit records with other system monitoring data.
1.0
Defines conformance and assessment criteria for verifying that an organization specifies the permitted actions for each information system process, role, or user associated with the review, analysis, and reporting of audit information.
1.0
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms for audit review, analysis, and reporting.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for audit storage capacity as related to overall audit and accountability requirements.
1.0
Defines conformance and assessment criteria for verifying that an information system off-loads audit records at an organization-defined frequency onto a different system or media than the system being audited.
1.0
Addresses the requirement for an organization to maintain an auditable chain of custody when information is sent to a CA to confirm Subscriber attributes.
1.0
Defines conformance and assessment criteria for verifying that an organization employs an audited override of automated access control mechanisms under organization-defined conditions.
1.0
Addresses the requirement for auditing processes to cease only at system or application shutdown.
1.0
Addresses the requirement for auditing processes to be enabled at system or application startup.
1.0
Addresses the requirement for the Auditor Trusted Role to be excluded from multiparty access control.
1.0
Addresses the requirement for authentication of communications between PKI trusted roles and their PKI certificate authority.
1.0
Credential Service Providers may issue authenticators that expire; if they do, they must handle expiration appropriately by not accepting expired authenticators and by notifying the user of the expiration. An expired physical device should be destroyed and reclaimed.
1.0
Compromised authenticators (due to loss, damage, or unauthorized duplication/disclosure) must be suspended, revoked, or destroyed as appropriate.
1.0
Credential Service Providers must revoke authenticators when the identity ceases to exist, on request, or when the subscriber is no longer eligible. This may require destroying or reclaiming a physical authenticator if it contained certified data.
1.0
Sessions will require reauthentication of subscribers in varying circumstances and with varying levels of assurance.
1.0
Sessions must be generated, managed, and terminated properly to ensure safe interactions between subscriber and service.
1.0
Authenticator verifiers may rely on attestation data conveyed to the verifier from a directly connected authenticator or endpoint. That attestation data must be digitally signed appropriately.
1.0
Biometrics used as a factor in multi-factor authentication must adhere to numerous requirements to be effective and safe.
1.0
Authenticator verifiers must protect against online guessing attacks by locking or suspending an account after too many consecutive failed attempts, and typically by using other measures, such as rate limiting, to slow guessing before suspension.
1.0
If restricted authenticators are used by a CSP, the CSP must address the risks inherent in using them and must provide some alternative authentication methods to their subscribers.
1.0
Verifiers are compromise resistant when they do not store anything that, if stolen, nullifies the value of the authenticator (for example, a verifier that holds only a public key, or only a salted hash of a high-entropy secret, rather than the secret itself).
1.0
Credential Service Providers must function as the authenticator verifier or must have a mutually authenticated secure channel with the authenticator verifier over which all communications occur.
1.0
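The two verifier requirements above (protection against online guessing, and verifier compromise resistance) are shown together in the following added example. It is not code from the Trustmark Framework or from any CSP; the lockout threshold, the backoff schedule, the 128-bit look-up-secret size and the class and function names are all assumptions chosen for illustration. The verifier stores only a random salt and a SHA-256 digest of a high-entropy secret, so a stolen record cannot be replayed as the authenticator; every failure doubles the delay before the next attempt is accepted, and the account is suspended after a fixed number of consecutive failures.

```python
"""Toy authenticator verifier (added example, not part of the Trustmark page)."""
import hashlib
import hmac
import secrets
import time

# Assumed policy values (illustrative; not taken from the Trustmark definitions):
MAX_CONSECUTIVE_FAILURES = 5   # suspend the account after this many failures in a row
BASE_DELAY_SECONDS = 1.0       # wait after the first failure; doubles on each further failure
SECRET_BYTES = 16              # 128-bit look-up secret, above the 112-bit floor that makes
                               # a salted hash compromise resistant (a memorized password is not)


def issue_lookup_secret() -> bytes:
    """Authenticator output handed to the subscriber at enrolment (high entropy)."""
    return secrets.token_bytes(SECRET_BYTES)


class Verifier:
    """Minimal verifier keyed by subscriber identifier, with an injectable clock."""

    def __init__(self, now=time.monotonic):
        self._now = now
        self._records = {}

    def enroll(self, subscriber: str, secret: bytes) -> None:
        # Store a salt and digest only; the secret itself never lands in the record.
        salt = secrets.token_bytes(16)
        self._records[subscriber] = {
            "salt": salt,
            "digest": hashlib.sha256(salt + secret).digest(),
            "failures": 0,
            "locked": False,
            "not_before": 0.0,   # earliest time the next attempt is accepted
        }

    def stored_record(self, subscriber: str) -> dict:
        """Copy of what a verifier-database thief would obtain."""
        return dict(self._records[subscriber])

    def verify(self, subscriber: str, candidate: bytes) -> str:
        rec = self._records.get(subscriber)
        if rec is None:
            # Unknown subscriber gets the same answer as a wrong secret.
            return "denied"
        if rec["locked"]:
            return "locked"
        now = self._now()
        if now < rec["not_before"]:
            # Throttled regardless of whether the candidate is correct, so an
            # attacker cannot learn the answer faster than the schedule allows.
            return "throttled"
        expected = hashlib.sha256(rec["salt"] + candidate).digest()
        if hmac.compare_digest(expected, rec["digest"]):
            rec["failures"] = 0
            rec["not_before"] = 0.0
            return "ok"
        rec["failures"] += 1
        if rec["failures"] >= MAX_CONSECUTIVE_FAILURES:
            rec["locked"] = True          # suspension; an out-of-band process must unlock
            return "locked"
        rec["not_before"] = now + BASE_DELAY_SECONDS * 2 ** (rec["failures"] - 1)
        return "denied"


def demo() -> list:
    """Walk-through with a fake clock; returns the verifier's answers in order."""
    clock = [100.0]
    v = Verifier(now=lambda: clock[0])
    secret = issue_lookup_secret()
    v.enroll("alice", secret)
    answers = [v.verify("alice", secret)]              # correct secret: ok
    for wait in (0.0, 0.0, 1.0, 2.0, 4.0, 8.0):         # constructed guessing sequence
        clock[0] += wait
        answers.append(v.verify("alice", b"guess"))
    answers.append(v.verify("alice", secret))          # right secret, but now suspended
    return answers


if __name__ == "__main__":
    print(demo())
```

The `demo` sequence shows the backoff at work: the second guess arrives before the one-second wait has elapsed and is reported as throttled without being counted, each later guess lands exactly when the doubled delay expires, and the fifth counted failure suspends the account so that even the genuine secret is refused until an out-of-band recovery step clears the lock.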