FBCA CP Section 6.6.1, System Development Controls, v2.27
Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.6.1, System Development Controls
| Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/fbca-cp-section-6.6.1_-system-development-controls/2.27/ | ||||
| Publication Date | 2018-10-30 | ||||
| Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
| Keywords | PIV-I, Security, Identity, Federal Bridge | ||||
| Legal Notice | This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TD_CommercialOfftheShelfSoftwareFormallyDeveloped and TD_PKICertificateAuthorityHardwareDemonstratesRequirementsMet and TD_PKICertificateAuthoritySoftwareDemonstratesRequirementsMet and TD_PKICertificateAuthorityOpenSourceSoftwareMeetsSecurityRequirements and TD_SupplyChainProtection and TD_PKICertificateAuthorityUsesDedicatedHardware and TD_PKICertificateAuthorityUsesDedicatedSoftware and TD_ApplicationsLimitedToSupportofPKICertificateAuthority and TD_HardwareLimitedToSupportofPKICertificateAuthority and TD_NetworkConnectionsLimitedtoSupportofPKICertificateAuthority and TD_ComponentSoftwareLimitedtoSupportofPKICertificateAuthority and TD_MaliciousCodeProtectionPeriodicScans and TD_HardwareUpdateSources and TD_HardwareUpdatesInstalledByTrustedandTrainedPersonnel and TD_SoftwareUpdateSources and TD_SoftwareUpdatesInstalledByTrustedandTrainedPersonnel
References (16)
| TD Commercial Off-the-Shelf Software Formally Developed, v1.0 | |
|---|---|
| Description | Addresses the requirement for formal development of off-the-shelf software. |
| ID | TD_CommercialOfftheShelfSoftwareFormallyDeveloped |
| Provider Reference | |
| TD PKI Certificate Authority Hardware Demonstrates Requirements Met, v1.0 | |
|---|---|
| Description | This Trustmark Definition allows for an organization to claim they have demonstrated that PKI Certificate Authority hardware has met security requirements. |
| ID | TD_PKICertificateAuthorityHardwareDemonstratesRequirementsMet |
| Provider Reference | |
| TD PKI Certificate Authority Software Demonstrates Requirements Met, v1.0 | |
|---|---|
| Description | This Trustmark Definition allows for an organization to claim they have demonstrated that PKI Certificate Authority software has met security requirements. |
| ID | TD_PKICertificateAuthoritySoftwareDemonstratesRequirementsMet |
| Provider Reference | |
| TD PKI Certificate Authority Open Source Software Meets Security Requirements, v1.0 | |
|---|---|
| Description | This Trustmark Definition allows for an organization to claim they have demonstrated that PKI Certificate Authority open source software has met security requirements. |
| ID | TD_PKICertificateAuthorityOpenSourceSoftwareMeetsSecurityRequirements |
| Provider Reference | |
| TD Supply Chain Protection, v1.0 | |
|---|---|
| Description | This Trustmark Definition addresses organizational requirements to protect against supply chain threats for information systems. |
| ID | TD_SupplyChainProtection |
| Provider Reference | |
| TD PKI Certificate Authority Uses Dedicated Hardware, v1.0 | |
|---|---|
| Description | Addresses the requirement for hardware to be dedicated to a PKI Certificate Authority |
| ID | TD_PKICertificateAuthorityUsesDedicatedHardware |
| Provider Reference | |
| TD PKI Certificate Authority Uses Dedicated Software, v1.0 | |
|---|---|
| Description | Addresses the requirement for software to be dedicated to a PKI Certificate Authority |
| ID | TD_PKICertificateAuthorityUsesDedicatedSoftware |
| Provider Reference | |
| TD Applications Limited To Support of PKI Certificate Authority, v1.0 | |
|---|---|
| Description | Addresses the requirement that only applications related to the operation of a PKI Certificate Authority are installed. |
| ID | TD_ApplicationsLimitedToSupportofPKICertificateAuthority |
| Provider Reference | |
| TD Hardware Limited To Support of PKI Certificate Authority, v1.0 | |
|---|---|
| Description | Addresses the requirement that only hardware related to the operation of a PKI Certificate Authority are installed. |
| ID | TD_HardwareLimitedToSupportofPKICertificateAuthority |
| Provider Reference | |
| TD Network Connections Limited to Support of PKI Certificate Authority, v1.0 | |
|---|---|
| Description | Addresses the requirement that only network connections related to the operation of a PKI Certificate Authority are installed. |
| ID | TD_NetworkConnectionsLimitedtoSupportofPKICertificateAuthority |
| Provider Reference | |
| TD Component Software Limited to Support of PKI Certificate Authority, v1.0 | |
|---|---|
| Description | Addresses the requirement that only component softwarerelated to the operation of a PKI Certificate Authority are installed. |
| ID | TD_ComponentSoftwareLimitedtoSupportofPKICertificateAuthority |
| Provider Reference | |
| TD Malicious Code Protection - Periodic Scans, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for compliance with minimum security requirements for malicious code protection - periodic scans as related to overall system and information integrity requirements. |
| ID | TD_MaliciousCodeProtectionPeriodicScans |
| Provider Reference | |
| TD Hardware Update Sources, v1.0 | |
|---|---|
| Description | Addresses the requirement for hardware updates to be purchased or developed in the same manner as original equipment. |
| ID | TD_HardwareUpdateSources |
| Provider Reference | |
| TD Hardware Updates Installed By Trusted and Trained Personnel, v1.0 | |
|---|---|
| Description | Addresses the requirement for hardware updates to be installed by trusted and trained personnel in a defined manner. |
| ID | TD_HardwareUpdatesInstalledByTrustedandTrainedPersonnel |
| Provider Reference | |
| TD Software Update Sources, v1.0 | |
|---|---|
| Description | Addresses the requirement for software updates to be purchased or developed in the same manner as original equipment. |
| ID | TD_SoftwareUpdateSources |
| Provider Reference | |
| TD Software Updates Installed By Trusted and Trained Personnel, v1.0 | |
|---|---|
| Description | Addresses the requirement for software updates to be installed by trusted and trained personnel in a defined manner. |
| ID | TD_SoftwareUpdatesInstalledByTrustedandTrainedPersonnel |
| Provider Reference | |