| Trust Interoperability Profile Name | Version |
|---|---|
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for PINs utilized in conjunction with a certificate or a token (e.g. key fob with rolling numbers) for the purpose of advanced authentication to not be transmitted in the clear outside a secure location.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for agencies that implement the use of a PIN as a standard authenticator to follow the guidance provided for passwords.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for access controls to be in place and operational for all IT systems to prevent multiple concurrent active sessions for one user identification, for those applications accessing CJI, unless the agency grants authority based upon operational business needs.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an organization to configure applications, services, or information systems to provide only essential capabilities.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for systems to enforce a limit (where feasible) of no more than 5 consecutive invalid access attempts by a user (attempting to access CJI or systems with access to CJI).
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, that the incident reporting/response process used by a service provider conforms to the incident reporting/response specifications provided in the CJIS Security Policy.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to ensure any connections to the Internet, other external networks, or information systems occur through controlled interfaces (e.g. proxies, gateways, routers, firewalls, encrypted tunnels).
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to develop, disseminate, and maintain formal, documented procedures to facilitate the implementation of the CJIS Security Policy and, where applicable, the local security policy.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for information system controls to restrict access to privileged functions (deployed in hardware, software, and firmware) and security-relevant information to explicitly authorized personnel.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for acess control policies (e.g., identity-based policies, role-based policies, rule-based policies) and associated access enforcement mechanisms (e.g., access control lists, access control matrices, cryptography) to be employed by agencies to control access between users (or processes acting on behalf of users) and objects (e.g., devices, files, records, processes, programs, domains) in the information system.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to document the process of validating information system accounts.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to identify authorized users of the information system and specify access rights/privileges.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to protect CJI at rest (i.e. stored electronically) outside the boundary of the physically secure location via cryptographic mechanisms (encryption).
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for establishing incident response and reporting procedures.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to enforce the most restrictive set of rights/privileges or access needed by users for the performance of specified tasks.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to identify applications, services, and information systems containing software or components affected by recently announced software flaws and potential vulnerabilities resulting from those flaws.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency (or the software developer/vendor in the case of software developed and maintained by a vendor/contractor) to develop and implement a local policy that ensures prompt installation of newly released security relevant patches, service packs and hot fixes.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an organization to expeditiously address patch requirements discovered during security assessments, continuous monitoring or incident response activities.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to uniquely identify information system users, administrators, maintenance personnel, and processes acting on behalf of users and authenticate the identities of those users or processes as a prerequisite to allowing access to agency information systems or services.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to ensure that identification data is kept current by adding new users and disabling and/or deleting former users.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to establish administrative procedures for initial authenticator distribution, for lost/compromised, or damaged authenticators, and for revoking authenticators.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to require users to take reasonable measures to safeguard authenticators including maintaining possession of their individual authenticators, not loaning or sharing authenticators with others, and immediately reporting lost or compromised authenticators.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to change authenticators periodically.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to ensure an appropriate agency official authorizes the issuance of user identifiers.
|
5.4 |
|
Profile of requirements from the FBI Criminal Justice Information Services (CJIS) Policy, version 5.4, for an agency to change default authenticators upon information system installation.
|
5.4 |
