NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Controls for MODERATE Impact Systems, v4

Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication.
Identifier https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-identification-and-authentication---controls-for-moderate-impact-systems/4/
Publication Date 2021-04-26
Issuing Organization
Trustmark Support help@trustmarkinitiative.org No telephone 75 5th Street, GTRI 30332
Keywords 800-53, Authentication, Identification, NIST, Security, Moderate
Legal Notice This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TIP_NISTSP80053r4SecurityControlFamilyIdentificationandAuthenticationControlsforLOWImpactSystems and TIP_NISTSP80053r4SecurityControlIA1IdentificationandAuthenticationPolicyandProcedures and TIP_NISTSP80053r4SecurityControlIA2IdentificationandAuthenticationOrganizationalUsers and TIP_NISTSP80053r4SecurityControlIA21NetworkAccesstoPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA22NetworkAccesstoNonPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA23LocalAccesstoPrivilegedAccounts and TIP_NISTSP80053r4SecurityControlIA28NetworkAccesstoPrivilegedAccountsReplayResistant and TIP_NISTSP80053r4SecurityControlIA211RemoteAccessSeparateDevice and TIP_NISTSP80053r4SecurityControlIA212AcceptanceofPIVCredentials and TIP_NISTSP80053r4SecurityControlIA3DeviceIdentificationandAuthentication and TIP_NISTSP80053r4SecurityControlIA4IdentifierManagement and TIP_NISTSP80053r4SecurityControlIA5AuthenticatorManagement and TIP_NISTSP80053r4SecurityControlIA51PasswordBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA52PKIBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA53InPersonorTrustedThirdPartyRegistration and TIP_NISTSP80053r4SecurityControlIA511HardwareTokenBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA6AuthenticatorFeedback and TIP_NISTSP80053r4SecurityControlIA7CryptographicModuleAuthentication and TIP_NISTSP80053r4SecurityControlIA8IdentificationandAuthenticationNonOrganizationalUsers and TIP_NISTSP80053r4SecurityControlIA81AcceptanceofPIVCredentialsfromOtherAgencies and TIP_NISTSP80053r4SecurityControlIA82AcceptanceofThirdPartyCredentials and TIP_NISTSP80053r4SecurityControlIA83UseofFICAMApprovedProducts and TIP_NISTSP80053r4SecurityControlIA84UseofFICAMIssuedProfiles

References (23)

 TIP  NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Controls for LOW Impact Systems, v4
Description Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication.
ID TIP_NISTSP80053r4SecurityControlFamilyIdentificationandAuthenticationControlsforLOWImpactSystems
 TIP  NIST SP 800-53 r4 Security Control IA-1: Identification and Authentication Policy and Procedures, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-1: Identification and Authentication Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA1IdentificationandAuthenticationPolicyandProcedures
 TIP  NIST SP 800-53 r4 Security Control IA-2: Identification and Authentication (Organizational Users), v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2: Identification and Authentication (Organizational Users). Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA2IdentificationandAuthenticationOrganizationalUsers
 TIP  NIST SP 800-53 r4 Security Control IA-2 (1): Network Access to Privileged Accounts, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (1): Network Access to Privileged Accounts. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA21NetworkAccesstoPrivilegedAccounts
 TIP  NIST SP 800-53 r4 Security Control IA-2 (2): Network Access to Non-Privileged Accounts, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (2): Network Access to Non-Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA22NetworkAccesstoNonPrivilegedAccounts
 TIP  NIST SP 800-53 r4 Security Control IA-2 (3): Local Access to Privileged Accounts, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (3): Local Access to Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA23LocalAccesstoPrivilegedAccounts
 TIP  NIST SP 800-53 r4 Security Control IA-2 (8): Network Access to Privileged Accounts - Replay Resistant, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (8): Network Access to Privileged Accounts - Replay Resistant. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA28NetworkAccesstoPrivilegedAccountsReplayResistant
 TIP  NIST SP 800-53 r4 Security Control IA-2 (11): Remote Access - Separate Device, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (11): Remote Access - Separate Device. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA211RemoteAccessSeparateDevice
 TIP  NIST SP 800-53 r4 Security Control IA-2 (12): Acceptance of PIV Credentials, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (12): Acceptance of PIV Credentials. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA212AcceptanceofPIVCredentials
 TIP  NIST SP 800-53 r4 Security Control IA-3: Device Identification and Authentication, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-3: Device Identification and Authentication. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA3DeviceIdentificationandAuthentication
 TIP  NIST SP 800-53 r4 Security Control IA-4: Identifier Management, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4: Identifier Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA4IdentifierManagement
 TIP  NIST SP 800-53 r4 Security Control IA-5: Authenticator Management, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5: Authenticator Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA5AuthenticatorManagement
 TIP  NIST SP 800-53 r4 Security Control IA-5 (1): Password-Based Authentication, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (1): Password-Based Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA51PasswordBasedAuthentication
 TIP  NIST SP 800-53 r4 Security Control IA-5 (2): PKI-Based Authentication, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (2): PKI-Based Authentication. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA52PKIBasedAuthentication
 TIP  NIST SP 800-53 r4 Security Control IA-5 (3): In-Person or Trusted Third-Party Registration, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (3): In-Person or Trusted Third-Party Registration. Applicable to MODERATE impact and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA53InPersonorTrustedThirdPartyRegistration
 TIP  NIST SP 800-53 r4 Security Control IA-5 (11): Hardware Token-Based Authentication, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (11): Hardware Token-Based Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA511HardwareTokenBasedAuthentication
 TIP  NIST SP 800-53 r4 Security Control IA-6: Authenticator Feedback, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-6: Authenticator Feedback. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA6AuthenticatorFeedback
 TIP  NIST SP 800-53 r4 Security Control IA-7: Cryptographic Module Authentication, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-7: Cryptographic Module Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA7CryptographicModuleAuthentication
 TIP  NIST SP 800-53 r4 Security Control IA-8: Identification and Authentication (Non-Organizational Users), v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8: Identification and Authentication (Non-Organizational Users). Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA8IdentificationandAuthenticationNonOrganizationalUsers
 TIP  NIST SP 800-53 r4 Security Control IA-8 (1): Acceptance of PIV Credentials from Other Agencies, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (1): Acceptance of PIV Credentials from Other Agencies. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA81AcceptanceofPIVCredentialsfromOtherAgencies
 TIP  NIST SP 800-53 r4 Security Control IA-8 (2): Acceptance of Third-Party Credentials, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (2): Acceptance of Third-Party Credentials. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA82AcceptanceofThirdPartyCredentials
 TIP  NIST SP 800-53 r4 Security Control IA-8 (3): Use of FICAM-Approved Products, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (3): Use of FICAM-Approved Products. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA83UseofFICAMApprovedProducts
 TIP  NIST SP 800-53 r4 Security Control IA-8 (4): Use of FICAM-Issued Profiles, v4
Description Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (4): Use of FICAM-Issued Profiles. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID TIP_NISTSP80053r4SecurityControlIA84UseofFICAMIssuedProfiles

Sources (1)

SP800-53R4 NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.
Also available as XML or JSON