💼 PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions
- Contextual name: 💼 PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions
- ID: /frameworks/nist-csf-v2.0/pr-aa/02
- Located in: 💼 Identity Management, Authentication, and Access Control (PR.AA)
Description
- Verify a person's claimed identity at enrollment time using government-issued identity credentials (e.g., passport, visa, driver's license)
- Issue a different credential for each person (i.e., no credential sharing)
Similar
- Sections
  - /frameworks/nist-csf-v1.1/pr-ac/06
  - /frameworks/nist-sp-800-53-r5/ia/12
Similar Sections (Take Policies From)
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
💼 NIST CSF v1.1 → 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions | 4 | 8 | | |
💼 NIST SP 800-53 Revision 5 → 💼 IA-12 Identity Proofing | 6 | | | |
Sub Sections
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
Policies (8)
Policy | Logic Count | Flags |
---|---|---|
AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢 | 1 | 🟢 x6 |
AWS EC2 Instance IAM role is not attached 🟢 | 1 | 🟢 x6 |
AWS IAM User has inline or directly attached policies 🟢 | 1 | π x1, 🟢 x5 |
AWS IAM User with console and programmatic access set during the initial creation 🟢 | | 🟢 x3 |
AWS S3 Bucket MFA Delete is not enabled π 🟢 | 1 | π x1, 🟢 x6 |
Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢 | 1 | 🟢 x6 |
Azure App Service Basic Authentication is enabled 🟢 | | 🟢 x3 |
Consumer Google Accounts are used 🟢 | | 🟢 x3 |