NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Controls for HIGH Impact Systems, v4
Profile of requirements corresponding to all HIGH impact security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication.
Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-identification-and-authentication---controls-for-high-impact-systems/4/ | ||||
Publication Date | 2021-04-26 | ||||
Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
Keywords | 800-53, Authentication, Identification, NIST, Security, High | ||||
Legal Notice | This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TIP_NISTSP80053r4SecurityControlFamilyIdentificationandAuthenticationControlsforMODERATEImpactSystems and TIP_NISTSP80053r4SecurityControlIA1IdentificationandAuthenticationPolicyandProcedures and TIP_NISTSP80053r4SecurityControlIA2IdentificationandAuthenticationOrganizationalUsers and TIP_NISTSP80053r4SecurityControlIA21NetworkAccesstoPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA22NetworkAccesstoNonPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA23LocalAccesstoPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA24LocalAccesstoNonPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA28NetworkAccesstoPrivilegedAccountsReplayResistant and TIP_NISTSP80053r4SecurityControlIA29NetworkAccesstoNonPrivilegedAccountsReplayResistant and TIP_NISTSP80053r4SecurityControlIA211RemoteAccessSeparateDevice and TIP_NISTSP80053r4SecurityControlIA212AcceptanceofPIVCredentials and TIP_NISTSP80053r4SecurityControlIA3DeviceIdentificationandAuthentication and TIP_NISTSP80053r4SecurityControlIA4IdentifierManagement and TIP_NISTSP80053r4SecurityControlIA5AuthenticatorManagement and TIP_NISTSP80053r4SecurityControlIA51PasswordBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA52PKIBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA53InPersonorTrustedThirdPartyRegistration and TIP_NISTSP80053r4SecurityControlIA511HardwareTokenBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA6AuthenticatorFeedback and TIP_NISTSP80053r4SecurityControlIA7CryptographicModuleAuthentication and TIP_NISTSP80053r4SecurityControlIA8IdentificationandAuthenticationNonOrganizationalUsers and TIP_NISTSP80053r4SecurityControlIA81AcceptanceofPIVCredentialsfromOtherAgencies and TIP_NISTSP80053r4SecurityControlIA82AcceptanceofThirdPartyCredentials and TIP_NISTSP80053r4SecurityControlIA83UseofFICAMApprovedProducts and TIP_NISTSP80053r4SecurityControlIA84UseofFICAMIssuedProfiles
References (25)
TIP NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Controls for MODERATE Impact Systems, v4 | |
---|---|
Description | Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication. |
ID | TIP_NISTSP80053r4SecurityControlFamilyIdentificationandAuthenticationControlsforMODERATEImpactSystems |
TIP NIST SP 800-53 r4 Security Control IA-1: Identification and Authentication Policy and Procedures, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-1: Identification and Authentication Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA1IdentificationandAuthenticationPolicyandProcedures |
TIP NIST SP 800-53 r4 Security Control IA-2: Identification and Authentication (Organizational Users), v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2: Identification and Authentication (Organizational Users). Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA2IdentificationandAuthenticationOrganizationalUsers |
TIP NIST SP 800-53 r4 Security Control IA-2 (1): Network Access to Privileged Accounts, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (1): Network Access to Privileged Accounts. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA21NetworkAccesstoPrivilegedAccounts |
TIP NIST SP 800-53 r4 Security Control IA-2 (2): Network Access to Non-Privileged Accounts, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (2): Network Access to Non-Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA22NetworkAccesstoNonPrivilegedAccounts |
TIP NIST SP 800-53 r4 Security Control IA-2 (3): Local Access to Privileged Accounts, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (3): Local Access to Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA23LocalAccesstoPrivilegedAccounts |
TIP NIST SP 800-53 r4 Security Control IA-2 (4): Local Access to Non-Privileged Accounts, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (4): Local Access to Non-Privileged Accounts. Applicable to HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA24LocalAccesstoNonPrivilegedAccounts |
TIP NIST SP 800-53 r4 Security Control IA-2 (8): Network Access to Privileged Accounts - Replay Resistant, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (8): Network Access to Privileged Accounts - Replay Resistant. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA28NetworkAccesstoPrivilegedAccountsReplayResistant |
TIP NIST SP 800-53 r4 Security Control IA-2 (9): Network Access to Non-Privileged Accounts - Replay Resistant, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (9): Network Access to Non-Privileged Accounts - Replay Resistant. Applicable to HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA29NetworkAccesstoNonPrivilegedAccountsReplayResistant |
TIP NIST SP 800-53 r4 Security Control IA-2 (11): Remote Access - Separate Device, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (11): Remote Access - Separate Device. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA211RemoteAccessSeparateDevice |
TIP NIST SP 800-53 r4 Security Control IA-2 (12): Acceptance of PIV Credentials, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (12): Acceptance of PIV Credentials. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA212AcceptanceofPIVCredentials |
TIP NIST SP 800-53 r4 Security Control IA-3: Device Identification and Authentication, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-3: Device Identification and Authentication. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA3DeviceIdentificationandAuthentication |
TIP NIST SP 800-53 r4 Security Control IA-4: Identifier Management, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4: Identifier Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA4IdentifierManagement |
TIP NIST SP 800-53 r4 Security Control IA-5: Authenticator Management, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5: Authenticator Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA5AuthenticatorManagement |
TIP NIST SP 800-53 r4 Security Control IA-5 (1): Password-Based Authentication, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (1): Password-Based Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA51PasswordBasedAuthentication |
TIP NIST SP 800-53 r4 Security Control IA-5 (2): PKI-Based Authentication, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (2): PKI-Based Authentication. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA52PKIBasedAuthentication |
TIP NIST SP 800-53 r4 Security Control IA-5 (3): In-Person or Trusted Third-Party Registration, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (3): In-Person or Trusted Third-Party Registration. Applicable to MODERATE impact and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA53InPersonorTrustedThirdPartyRegistration |
TIP NIST SP 800-53 r4 Security Control IA-5 (11): Hardware Token-Based Authentication, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (11): Hardware Token-Based Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA511HardwareTokenBasedAuthentication |
TIP NIST SP 800-53 r4 Security Control IA-6: Authenticator Feedback, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-6: Authenticator Feedback. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA6AuthenticatorFeedback |
TIP NIST SP 800-53 r4 Security Control IA-7: Cryptographic Module Authentication, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-7: Cryptographic Module Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA7CryptographicModuleAuthentication |
TIP NIST SP 800-53 r4 Security Control IA-8: Identification and Authentication (Non-Organizational Users), v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8: Identification and Authentication (Non-Organizational Users). Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA8IdentificationandAuthenticationNonOrganizationalUsers |
TIP NIST SP 800-53 r4 Security Control IA-8 (1): Acceptance of PIV Credentials from Other Agencies, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (1): Acceptance of PIV Credentials from Other Agencies. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA81AcceptanceofPIVCredentialsfromOtherAgencies |
TIP NIST SP 800-53 r4 Security Control IA-8 (2): Acceptance of Third-Party Credentials, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (2): Acceptance of Third-Party Credentials. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA82AcceptanceofThirdPartyCredentials |
TIP NIST SP 800-53 r4 Security Control IA-8 (3): Use of FICAM-Approved Products, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (3): Use of FICAM-Approved Products. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA83UseofFICAMApprovedProducts |
TIP NIST SP 800-53 r4 Security Control IA-8 (4): Use of FICAM-Issued Profiles, v4 | |
---|---|
Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (4): Use of FICAM-Issued Profiles. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
ID | TIP_NISTSP80053r4SecurityControlIA84UseofFICAMIssuedProfiles |
Sources (1)
SP800-53R4 | NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4. |