{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control IA-5: Authenticator Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.", "Keywords": [ "800-53", "Authentication", "Authenticator Management", "High", "Identification", "Low", "Moderate", "NIST", "P1", "Security" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 Security Control IA-5: Authenticator Management", "TrustExpression": "TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8 and TD_ref9 and TD_ref10 and TD_ref11 and TD_ref12 and TD_ref13", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ia-5_-authenticator-management/4/", "Version": "4", "References": {"TrustmarkDefinitionRequirements": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-reuse-conditions/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator reuse conditions as related to overall identification and authentication requirements.", "Number": 1, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-reuse-conditions/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator reuse conditions as related to overall identification and authentication requirements.", "Number": 1, "Version": "1.0", "Name": "Authenticator Reuse Conditions" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Reuse Conditions", "$id": "TD_ref1" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/initial-authenticator-content/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for initial authenticator content as related to overall identification and authentication requirements.", "Number": 2, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/initial-authenticator-content/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for initial authenticator content as related to overall identification and authentication requirements.", "Number": 2, "Version": "1.0", "Name": "Initial Authenticator Content" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Initial Authenticator Content", "$id": "TD_ref2" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-default-content/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator default content as related to overall identification and authentication requirements.", "Number": 3, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-default-content/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator default content as related to overall identification and authentication requirements.", "Number": 3, "Version": "1.0", "Name": "Authenticator Default Content" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Default Content", "$id": "TD_ref3" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-distribution-procedures/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator distribution procedures as related to overall identification and authentication requirements.", "Number": 4, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-distribution-procedures/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator distribution procedures as related to overall identification and authentication requirements.", "Number": 4, "Version": "1.0", "Name": "Authenticator Distribution Procedures" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Distribution Procedures", "$id": "TD_ref4" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-protection/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator protection as related to overall identification and authentication requirements.", "Number": 5, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-protection/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator protection as related to overall identification and authentication requirements.", "Number": 5, "Version": "1.0", "Name": "Authenticator Protection" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Protection", "$id": "TD_ref5" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/group-and-role-authenticator-changes/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for group and role authenticator changes as related to overall identification and authentication requirements.", "Number": 6, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/group-and-role-authenticator-changes/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for group and role authenticator changes as related to overall identification and authentication requirements.", "Number": 6, "Version": "1.0", "Name": "Group and Role Authenticator Changes" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Group and Role Authenticator Changes", "$id": "TD_ref6" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/procedures-for-authenticator-loss-damage-or-compromise/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for procedures for authenticator loss, damage, or compromise as related to overall identification and authentication requirements.", "Number": 7, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/procedures-for-authenticator-loss-damage-or-compromise/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for procedures for authenticator loss, damage, or compromise as related to overall identification and authentication requirements.", "Number": 7, "Version": "1.0", "Name": "Procedures for Authenticator Loss, Damage, or Compromise" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Procedures for Authenticator Loss, Damage, or Compromise", "$id": "TD_ref7" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-strength/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator strength as related to overall identification and authentication requirements.", "Number": 8, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-strength/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator strength as related to overall identification and authentication requirements.", "Number": 8, "Version": "1.0", "Name": "Authenticator Strength" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Strength", "$id": "TD_ref8" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-distribution-verification/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator distribution verification as related to overall identification and authentication requirements.", "Number": 9, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-distribution-verification/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator distribution verification as related to overall identification and authentication requirements.", "Number": 9, "Version": "1.0", "Name": "Authenticator Distribution Verification" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Distribution Verification", "$id": "TD_ref9" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-lifetime/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator lifetime as related to overall identification and authentication requirements.", "Number": 10, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-lifetime/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator lifetime as related to overall identification and authentication requirements.", "Number": 10, "Version": "1.0", "Name": "Authenticator Lifetime" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Lifetime", "$id": "TD_ref10" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-revocation/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator revocation as related to overall identification and authentication requirements.", "Number": 11, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-revocation/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator revocation as related to overall identification and authentication requirements.", "Number": 11, "Version": "1.0", "Name": "Authenticator Revocation" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Revocation", "$id": "TD_ref11" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-refresh/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator refresh as related to overall identification and authentication requirements.", "Number": 12, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-refresh/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator refresh as related to overall identification and authentication requirements.", "Number": 12, "Version": "1.0", "Name": "Authenticator Refresh" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Refresh", "$id": "TD_ref12" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-content-protection/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator content protection as related to overall identification and authentication requirements.", "Number": 13, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/authenticator-content-protection/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for authenticator content protection as related to overall identification and authentication requirements.", "Number": 13, "Version": "1.0", "Name": "Authenticator Content Protection" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Authenticator Content Protection", "$id": "TD_ref13" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }