Skip to main content

πŸ’Ό IA-8 IDENTIFICATION AND AUTHENTICATION (NON-ORGANIZATIONAL USERS)

  • Contextual name: πŸ’Ό IA-8 IDENTIFICATION AND AUTHENTICATION (NON-ORGANIZATIONAL USERS)
  • ID: /frameworks/nist-sp-800-53-r4/ia/08
  • Located in: πŸ’Ό IA IDENTIFICATION AND AUTHENTICATION

Description​

The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).

Similar​

  • Internal
    • ID: dec-c-c29379c1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions48
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks)1922

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό IA-8 (1) ACCEPTANCE OF PIV CREDENTIALS FROM OTHER AGENCIES
πŸ’Ό IA-8 (2) ACCEPTANCE OF THIRD-PARTY CREDENTIALS
πŸ’Ό IA-8 (3) USE OF FICAM-APPROVED PRODUCTS
πŸ’Ό IA-8 (4) USE OF FICAM-ISSUED PROFILES
πŸ’Ό IA-8 (5) ACCEPTANCE OF PIV-I CREDENTIALS