| Trustmark Definition Name | Version |
|---|---|
|
Single factor cryptographic software may be used for authentication and must adhere to the rules found within NIST 800-63-3B: 5.1.6
|
1.0 |
|
A single factor one-time password device may be used for authentication and must adhere to rules found within NIST 800-63-3B: 5.1.4.
|
1.0 |
|
All biometric sensors and processes used as part of an authenticator must meet performance requirements specified in NIST 800-63-3
|
1.0 |
|
Authentication with verifier impersonation resistance requires strong cryptographic binding of the authenticated channel with the authenticator output.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that assertions used to communicate the results of a remote authentication to other parties expire after a defined time period.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that assertions used to communicate the results of a remote authentication to other parties are not accepted by relying parties if they have expired.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that assertion mechanisms used to communicate the results of a remote authentication to other parties are obtained directly from a trusted entity using a secure protocol.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires assertion mechanisms used to communicate the results of a remote authentication to other parties are digitally signed.
|
1.0 |
|
Addresses the requirement for remote management workstations to authenticate at the same level of assurance required by the system.
|
1.0 |
|
Addresses the requirement that for organization PKI certificate authorities (CAs), the authentication of the Subscriber must meet the requirements specified for Subscriber authentication in the Organization CP.
|
1.0 |
|
Addresses the requirement that for organization PKI certificate authorities (CAs), the authentication of the Subscriber must meet the requirements specified for Subscriber authentication in the X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA)
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator content protection as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator default content as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator distribution procedures as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator distribution verification as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator feedback as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator lifetime as related to overall identification and authentication requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated tools to determine if password authenticators are sufficiently strong to satisfy organization-defined requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system, for biometric-based authentication, employs mechanisms that satisfy organization-defined biometric quality requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires developers/installers of information system components to provide unique authenticators or change default authenticators prior to delivery/installation.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates with organization-defined external organizations for cross-organization management of credentials.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system dynamically provisions identities.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system prohibits the use of cached authenticators after organization-defined time period.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization uses only FICAM-approved path discovery and validation products and services.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that the registration process to receive organization-defined types of and/or specific authenticators be conducted in person before a defined registration authority with authorization by organization-defined personnel or roles.
|
1.0 |
