{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to all supplemental security controls in NIST Special Publication 800-53, r4, under the control family of Identification and Authentication.", "Keywords": [ "800-53", "Authentication", "Identification", "NIST", "Security", "Supplemental" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 - Security Control Family: Identification and Authentication - Supplemental Controls", "TrustExpression": "TIP_NISTSP80053r4SecurityControlIA25GroupAuthentication and TIP_NISTSP80053r4SecurityControlIA26NetworkAccesstoPrivilegedAccountsSeparateDevice and TIP_NISTSP80053r4SecurityControlIA27NetworkAccesstoNonPrivilegedAccountsSeparateDevice and TIP_NISTSP80053r4SecurityControlIA210SingleSignOn and TIP_NISTSP80053r4SecurityControlIA213OutOfBandAuthentication and TIP_NISTSP80053r4SecurityControlIA31CryptographicBidirectionalAuthentication and TIP_NISTSP80053r4SecurityControlIA33DynamicAddressAllocation and TIP_NISTSP80053r4SecurityControlIA34DeviceAttestation and TIP_NISTSP80053r4SecurityControlIA41ProhibitAccountIdentifiersasPublicIdentifiers and TIP_NISTSP80053r4SecurityControlIA42SupervisorAuthorization and TIP_NISTSP80053r4SecurityControlIA43MultipleFormsofCertification and TIP_NISTSP80053r4SecurityControlIA44IdentifyUserStatus and TIP_NISTSP80053r4SecurityControlIA45DynamicManagement and TIP_NISTSP80053r4SecurityControlIA46CrossOrganizationManagement and TIP_NISTSP80053r4SecurityControlIA47InPersonRegistration and TIP_NISTSP80053r4SecurityControlIA54AutomatedSupportforPasswordStrengthDetermination and TIP_NISTSP80053r4SecurityControlIA55ChangeAuthenticatorsPriortoDelivery and TIP_NISTSP80053r4SecurityControlIA56ProtectionofAuthenticators and TIP_NISTSP80053r4SecurityControlIA57NoEmbeddedUnencryptedStaticAuthenticators and TIP_NISTSP80053r4SecurityControlIA58MultipleInformationSystemAccounts and TIP_NISTSP80053r4SecurityControlIA59CrossOrganizationCredentialManagement and TIP_NISTSP80053r4SecurityControlIA510DynamicCredentialAssociation and TIP_NISTSP80053r4SecurityControlIA512BiometricBasedAuthentication and TIP_NISTSP80053r4SecurityControlIA513ExpirationofCachedAuthenticators and TIP_NISTSP80053r4SecurityControlIA514ManagingContentofPKITrustStores and TIP_NISTSP80053r4SecurityControlIA515FICAMApprovedProductsandServices and TIP_NISTSP80053r4SecurityControlIA85AcceptanceofPIVICredentials and TIP_NISTSP80053r4SecurityControlIA9ServiceIdentificationandAuthentication and TIP_NISTSP80053r4SecurityControlIA91InformationExchange and TIP_NISTSP80053r4SecurityControlIA92TransmissionofDecisions and TIP_NISTSP80053r4SecurityControlIA10AdaptiveIdentificationandAuthentication and TIP_NISTSP80053r4SecurityControlIA11ReAuthentication", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-identification-and-authentication---supplemental-controls/4/", "Version": "4", "References": {"TrustInteroperabilityProfileReferences": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-2-_5__-group-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (5): Group Authentication.", "Number": 1, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-2 (5): Group Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA25GroupAuthentication" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-2-_6__-network-access-to-privileged-accounts---separate-device/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (6): Network Access to Privileged Accounts - Separate Device.", "Number": 2, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-2 (6): Network Access to Privileged Accounts - Separate Device", "$id": "TIP_NISTSP80053r4SecurityControlIA26NetworkAccesstoPrivilegedAccountsSeparateDevice" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-2-_7__-network-access-to-non-privileged-accounts---separate-device/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (7): Network Access to Non-Privileged Accounts - Separate Device.", "Number": 3, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-2 (7): Network Access to Non-Privileged Accounts - Separate Device", "$id": "TIP_NISTSP80053r4SecurityControlIA27NetworkAccesstoNonPrivilegedAccountsSeparateDevice" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-2-_10__-single-sign-on/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (10): Single Sign-On.", "Number": 4, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-2 (10): Single Sign-On", "$id": "TIP_NISTSP80053r4SecurityControlIA210SingleSignOn" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-2-_13__-out-of-band-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-2 (13): Out-Of-Band Authentication.", "Number": 5, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-2 (13): Out-Of-Band Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA213OutOfBandAuthentication" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-3-_1__-cryptographic-bidirectional-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-3 (1): Cryptographic Bidirectional Authentication.", "Number": 6, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-3 (1): Cryptographic Bidirectional Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA31CryptographicBidirectionalAuthentication" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-3-_3__-dynamic-address-allocation/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-3 (3): Dynamic Address Allocation.", "Number": 7, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-3 (3): Dynamic Address Allocation", "$id": "TIP_NISTSP80053r4SecurityControlIA33DynamicAddressAllocation" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-3-_4__-device-attestation/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-3 (4): Device Attestation.", "Number": 8, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-3 (4): Device Attestation", "$id": "TIP_NISTSP80053r4SecurityControlIA34DeviceAttestation" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_1__-prohibit-account-identifiers-as-public-identifiers/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (1): Prohibit Account Identifiers as Public Identifiers.", "Number": 9, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (1): Prohibit Account Identifiers as Public Identifiers", "$id": "TIP_NISTSP80053r4SecurityControlIA41ProhibitAccountIdentifiersasPublicIdentifiers" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_2__-supervisor-authorization/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (2): Supervisor Authorization.", "Number": 10, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (2): Supervisor Authorization", "$id": "TIP_NISTSP80053r4SecurityControlIA42SupervisorAuthorization" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_3__-multiple-forms-of-certification/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (3): Multiple Forms of Certification.", "Number": 11, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (3): Multiple Forms of Certification", "$id": "TIP_NISTSP80053r4SecurityControlIA43MultipleFormsofCertification" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_4__-identify-user-status/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (4): Identify User Status.", "Number": 12, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (4): Identify User Status", "$id": "TIP_NISTSP80053r4SecurityControlIA44IdentifyUserStatus" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_5__-dynamic-management/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (5): Dynamic Management.", "Number": 13, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (5): Dynamic Management", "$id": "TIP_NISTSP80053r4SecurityControlIA45DynamicManagement" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_6__-cross-organization-management/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (6): Cross-Organization Management.", "Number": 14, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (6): Cross-Organization Management", "$id": "TIP_NISTSP80053r4SecurityControlIA46CrossOrganizationManagement" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-4-_7__-in-person-registration/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-4 (7): In-Person Registration.", "Number": 15, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-4 (7): In-Person Registration", "$id": "TIP_NISTSP80053r4SecurityControlIA47InPersonRegistration" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_4__-automated-support-for-password-strength-determination/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (4): Automated Support for Password Strength Determination.", "Number": 16, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (4): Automated Support for Password Strength Determination", "$id": "TIP_NISTSP80053r4SecurityControlIA54AutomatedSupportforPasswordStrengthDetermination" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_5__-change-authenticators-prior-to-delivery/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (5): Change Authenticators Prior to Delivery.", "Number": 17, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (5): Change Authenticators Prior to Delivery", "$id": "TIP_NISTSP80053r4SecurityControlIA55ChangeAuthenticatorsPriortoDelivery" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_6__-protection-of-authenticators/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (6): Protection of Authenticators.", "Number": 18, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (6): Protection of Authenticators", "$id": "TIP_NISTSP80053r4SecurityControlIA56ProtectionofAuthenticators" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_7__-no-embedded-unencrypted-static-authenticators/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (7): No Embedded Unencrypted Static Authenticators.", "Number": 19, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (7): No Embedded Unencrypted Static Authenticators", "$id": "TIP_NISTSP80053r4SecurityControlIA57NoEmbeddedUnencryptedStaticAuthenticators" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_8__-multiple-information-system-accounts/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (8): Multiple Information System Accounts.", "Number": 20, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (8): Multiple Information System Accounts", "$id": "TIP_NISTSP80053r4SecurityControlIA58MultipleInformationSystemAccounts" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_9__-cross-organization-credential-management/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (9): Cross-Organization Credential Management.", "Number": 21, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (9): Cross-Organization Credential Management", "$id": "TIP_NISTSP80053r4SecurityControlIA59CrossOrganizationCredentialManagement" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_10__-dynamic-credential-association/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (10): Dynamic Credential Association.", "Number": 22, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (10): Dynamic Credential Association", "$id": "TIP_NISTSP80053r4SecurityControlIA510DynamicCredentialAssociation" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_12__-biometric-based-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (12): Biometric-Based Authentication.", "Number": 23, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (12): Biometric-Based Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA512BiometricBasedAuthentication" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_13__-expiration-of-cached-authenticators/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (13): Expiration of Cached Authenticators.", "Number": 24, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (13): Expiration of Cached Authenticators", "$id": "TIP_NISTSP80053r4SecurityControlIA513ExpirationofCachedAuthenticators" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_14__-managing-content-of-pki-trust-stores/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (14): Managing Content of PKI Trust Stores.", "Number": 25, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (14): Managing Content of PKI Trust Stores", "$id": "TIP_NISTSP80053r4SecurityControlIA514ManagingContentofPKITrustStores" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5-_15__-ficam-approved-products-and-services/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5 (15): FICAM-Approved Products and Services.", "Number": 26, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-5 (15): FICAM-Approved Products and Services", "$id": "TIP_NISTSP80053r4SecurityControlIA515FICAMApprovedProductsandServices" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-8-_5__-acceptance-of-piv-i-credentials/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-8 (5): Acceptance of PIV-I Credentials.", "Number": 27, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-8 (5): Acceptance of PIV-I Credentials", "$id": "TIP_NISTSP80053r4SecurityControlIA85AcceptanceofPIVICredentials" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-9_-service-identification-and-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-9: Service Identification and Authentication.", "Number": 28, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-9: Service Identification and Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA9ServiceIdentificationandAuthentication" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-9-_1__-information-exchange/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-9 (1): Information Exchange.", "Number": 29, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-9 (1): Information Exchange", "$id": "TIP_NISTSP80053r4SecurityControlIA91InformationExchange" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-9-_2__-transmission-of-decisions/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-9 (2): Transmission of Decisions.", "Number": 30, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-9 (2): Transmission of Decisions", "$id": "TIP_NISTSP80053r4SecurityControlIA92TransmissionofDecisions" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-10_-adaptive-identification-and-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-10: Adaptive Identification and Authentication.", "Number": 31, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-10: Adaptive Identification and Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA10AdaptiveIdentificationandAuthentication" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-11_-re-authentication/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-11: Re-Authentication.", "Number": 32, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control IA-11: Re-Authentication", "$id": "TIP_NISTSP80053r4SecurityControlIA11ReAuthentication" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }