| TIP: NIST SP 800-53 r4 - Security Control Family: Identification and Authentication

NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Controls for MODERATE Impact Systems, v4

Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-identification-and-authentication---controls-for-moderate-impact-systems/4/

Publication Date

2021-04-26

Issuing Organization

TMI (https://trustmarkinitiative.org/) View Contact

No Responder

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

800-53, Authentication, Identification, NIST, Security, Moderate

Legal Notice

This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NISTSP80053r4SecurityControlFamilyIdentificationandAuthenticationControlsforLOWImpactSystems and TIP_NISTSP80053r4SecurityControlIA1IdentificationandAuthenticationPolicyandProcedures and TIP_NISTSP80053r4SecurityControlIA2IdentificationandAuthenticationOrganizationalUsers and TIP_NISTSP80053r4SecurityControlIA21NetworkAccesstoPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA22NetworkAccesstoNonPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA23LocalAccesstoPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA28NetworkAccesstoPrivilegedAccountsReplayResistant and TIP_NISTSP80053r4SecurityControlIA211RemoteAccessSeparateDevice and TIP_NISTSP80053r4SecurityControlIA212AcceptanceofPIVCredentials and TIP_NISTSP80053r4SecurityControlIA3DeviceIdentificationandAuthentication and TIP_NISTSP80053r4SecurityControlIA4IdentifierManagement and TIP_NISTSP80053r4SecurityControlIA5AuthenticatorManagement and TIP_NISTSP80053r4SecurityControlIA51PasswordBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA52PKIBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA53InPersonorTrustedThirdPartyRegistration and TIP_NISTSP80053r4SecurityControlIA511HardwareTokenBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA6AuthenticatorFeedback and TIP_NISTSP80053r4SecurityControlIA7CryptographicModuleAuthentication and TIP_NISTSP80053r4SecurityControlIA8IdentificationandAuthenticationNonOrganizationalUsers and TIP_NISTSP80053r4SecurityControlIA81AcceptanceofPIVCredentialsfromOtherAgencies and TIP_NISTSP80053r4SecurityControlIA82AcceptanceofThirdPartyCredentials and TIP_NISTSP80053r4SecurityControlIA83UseofFICAMApprovedProducts and TIP_NISTSP80053r4SecurityControlIA84UseofFICAMIssuedProfiles

References (23)

TIP NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Controls for LOW Impact Systems, v4
Description	Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication.
ID	TIP_NISTSP80053r4SecurityControlFamilyIdentificationandAuthenticationControlsforLOWImpactSystems

TIP NIST SP 800-53 r4 Security Control IA-1: Identification and Authentication Policy and Procedures, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-1: Identification and Authentication Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA1IdentificationandAuthenticationPolicyandProcedures

TIP NIST SP 800-53 r4 Security Control IA-2: Identification and Authentication (Organizational Users), v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2: Identification and Authentication (Organizational Users). Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA2IdentificationandAuthenticationOrganizationalUsers

TIP NIST SP 800-53 r4 Security Control IA-2 (1): Network Access to Privileged Accounts, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (1): Network Access to Privileged Accounts. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA21NetworkAccesstoPrivilegedAccounts

TIP NIST SP 800-53 r4 Security Control IA-2 (2): Network Access to Non-Privileged Accounts, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (2): Network Access to Non-Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA22NetworkAccesstoNonPrivilegedAccounts

TIP NIST SP 800-53 r4 Security Control IA-2 (3): Local Access to Privileged Accounts, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (3): Local Access to Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA23LocalAccesstoPrivilegedAccounts

TIP NIST SP 800-53 r4 Security Control IA-2 (8): Network Access to Privileged Accounts - Replay Resistant, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (8): Network Access to Privileged Accounts - Replay Resistant. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA28NetworkAccesstoPrivilegedAccountsReplayResistant

TIP NIST SP 800-53 r4 Security Control IA-2 (11): Remote Access - Separate Device, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (11): Remote Access - Separate Device. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA211RemoteAccessSeparateDevice

TIP NIST SP 800-53 r4 Security Control IA-2 (12): Acceptance of PIV Credentials, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (12): Acceptance of PIV Credentials. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA212AcceptanceofPIVCredentials

TIP NIST SP 800-53 r4 Security Control IA-3: Device Identification and Authentication, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-3: Device Identification and Authentication. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA3DeviceIdentificationandAuthentication

TIP NIST SP 800-53 r4 Security Control IA-4: Identifier Management, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4: Identifier Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA4IdentifierManagement

TIP NIST SP 800-53 r4 Security Control IA-5: Authenticator Management, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5: Authenticator Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA5AuthenticatorManagement

TIP NIST SP 800-53 r4 Security Control IA-5 (1): Password-Based Authentication, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (1): Password-Based Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA51PasswordBasedAuthentication

TIP NIST SP 800-53 r4 Security Control IA-5 (2): PKI-Based Authentication, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (2): PKI-Based Authentication. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA52PKIBasedAuthentication

TIP NIST SP 800-53 r4 Security Control IA-5 (3): In-Person or Trusted Third-Party Registration, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (3): In-Person or Trusted Third-Party Registration. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA53InPersonorTrustedThirdPartyRegistration

TIP NIST SP 800-53 r4 Security Control IA-5 (11): Hardware Token-Based Authentication, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (11): Hardware Token-Based Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA511HardwareTokenBasedAuthentication

TIP NIST SP 800-53 r4 Security Control IA-6: Authenticator Feedback, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-6: Authenticator Feedback. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA6AuthenticatorFeedback

TIP NIST SP 800-53 r4 Security Control IA-7: Cryptographic Module Authentication, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-7: Cryptographic Module Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA7CryptographicModuleAuthentication

TIP NIST SP 800-53 r4 Security Control IA-8: Identification and Authentication (Non-Organizational Users), v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8: Identification and Authentication (Non-Organizational Users). Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA8IdentificationandAuthenticationNonOrganizationalUsers

TIP NIST SP 800-53 r4 Security Control IA-8 (1): Acceptance of PIV Credentials from Other Agencies, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (1): Acceptance of PIV Credentials from Other Agencies. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA81AcceptanceofPIVCredentialsfromOtherAgencies

TIP NIST SP 800-53 r4 Security Control IA-8 (2): Acceptance of Third-Party Credentials, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (2): Acceptance of Third-Party Credentials. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA82AcceptanceofThirdPartyCredentials

TIP NIST SP 800-53 r4 Security Control IA-8 (3): Use of FICAM-Approved Products, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (3): Use of FICAM-Approved Products. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA83UseofFICAMApprovedProducts

TIP NIST SP 800-53 r4 Security Control IA-8 (4): Use of FICAM-Issued Profiles, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (4): Use of FICAM-Issued Profiles. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlIA84UseofFICAMIssuedProfiles

Sources (1)

SP800-53R4	NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.

Also available as XML or JSON