Skip to main content

💼 IA Identification And Authentication

  • Contextual name: 💼 IA Identification And Authentication
  • ID: /frameworks/nist-sp-800-53-r5/ia
  • Located in: 💼 NIST SP 800-53 Revision 5

Description

Empty...

Similar

  • Internal
    • ID: dec-b-b2769d26

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags
💼 IA-1 Policy and Procedures
💼 IA-2 Identification and Authentication (organizational Users)13
    💼 IA-2(1) Identification and Authentication (organizational Users) _ Multi-factor Authentication to Privileged Accounts2
    💼 IA-2(2) Identification and Authentication (organizational Users) _ Multi-factor Authentication to Non-privileged Accounts2
    💼 IA-2(3) Identification and Authentication (organizational Users) _ Local Access to Privileged Accounts
    💼 IA-2(4) Identification and Authentication (organizational Users) _ Local Access to Non-privileged Accounts
    💼 IA-2(5) Identification and Authentication (organizational Users) _ Individual Authentication with Group Authentication
    💼 IA-2(6) Identification and Authentication (organizational Users) _ Access to Accounts —separate Device2
    💼 IA-2(7) Identification and Authentication (organizational Users) _ Network Access to Non-privileged Accounts — Separate Device
    💼 IA-2(8) Identification and Authentication (organizational Users) _ Access to Accounts — Replay Resistant2
    💼 IA-2(9) Identification and Authentication (organizational Users) _ Network Access to Non-privileged Accounts — Replay Resistant
    💼 IA-2(10) Identification and Authentication (organizational Users) _ Single Sign-on
    💼 IA-2(11) Identification and Authentication (organizational Users) _ Remote Access — Separate Device
    💼 IA-2(12) Identification and Authentication (organizational Users) _ Acceptance of PIV Credentials
    💼 IA-2(13) Identification and Authentication (organizational Users) _ Out-of-band Authentication
💼 IA-3 Device Identification and Authentication4
    💼 IA-3(1) Device Identification and Authentication _ Cryptographic Bidirectional Authentication
    💼 IA-3(2) Device Identification and Authentication _ Cryptographic Bidirectional Network Authentication
    💼 IA-3(3) Device Identification and Authentication _ Dynamic Address Allocation
    💼 IA-3(4) Device Identification and Authentication _ Device Attestation
💼 IA-4 Identifier Management9
    💼 IA-4(1) Identifier Management _ Prohibit Account Identifiers as Public Identifiers
    💼 IA-4(2) Identifier Management _ Supervisor Authorization
    💼 IA-4(3) Identifier Management _ Multiple Forms of Certification
    💼 IA-4(4) Identifier Management _ Identify User Status
    💼 IA-4(5) Identifier Management _ Dynamic Management
    💼 IA-4(6) Identifier Management _ Cross-organization Management
    💼 IA-4(7) Identifier Management _ In-person Registration
    💼 IA-4(8) Identifier Management _ Pairwise Pseudonymous Identifiers
    💼 IA-4(9) Identifier Management _ Attribute Maintenance and Protection
💼 IA-5 Authenticator Management18
    💼 IA-5(1) Authenticator Management _ Password-based Authentication4
    💼 IA-5(2) Authenticator Management _ Public Key-based Authentication
    💼 IA-5(3) Authenticator Management _ In-person or Trusted External Party Registration
    💼 IA-5(4) Authenticator Management _ Automated Support for Password Strength Determination
    💼 IA-5(5) Authenticator Management _ Change Authenticators Prior to Delivery
    💼 IA-5(6) Authenticator Management _ Protection of Authenticators
    💼 IA-5(7) Authenticator Management _ No Embedded Unencrypted Static Authenticators
    💼 IA-5(8) Authenticator Management _ Multiple System Accounts
    💼 IA-5(9) Authenticator Management _ Federated Credential Management
    💼 IA-5(10) Authenticator Management _ Dynamic Credential Binding
    💼 IA-5(11) Authenticator Management _ Hardware Token-based Authentication
    💼 IA-5(12) Authenticator Management _ Biometric Authentication Performance
    💼 IA-5(13) Authenticator Management _ Expiration of Cached Authenticators
    💼 IA-5(14) Authenticator Management _ Managing Content of PKI Trust Stores
    💼 IA-5(15) Authenticator Management _ GSA-approved Products and Services
    💼 IA-5(16) Authenticator Management _ In-person or Trusted External Party Authenticator Issuance
    💼 IA-5(17) Authenticator Management _ Presentation Attack Detection for Biometric Authenticators
    💼 IA-5(18) Authenticator Management _ Password Managers
💼 IA-6 Authentication Feedback
💼 IA-7 Cryptographic Module Authentication
💼 IA-8 Identification and Authentication (non-organizational Users)6
    💼 IA-8(1) Identification and Authentication (non-organizational Users) _ Acceptance of PIV Credentials from Other Agencies
    💼 IA-8(2) Identification and Authentication (non-organizational Users) _ Acceptance of External Authenticators
    💼 IA-8(3) Identification and Authentication (non-organizational Users) _ Use of FICAM-approved Products
    💼 IA-8(4) Identification and Authentication (non-organizational Users) _ Use of Defined Profiles
    💼 IA-8(5) Identification and Authentication (non-organizational Users) _ Acceptance of PVI-I Credentials
    💼 IA-8(6) Identification and Authentication (non-organizational Users) _ Disassociability
💼 IA-9 Service Identification and Authentication2
    💼 IA-9(1) Service Identification and Authentication _ Information Exchange
    💼 IA-9(2) Service Identification and Authentication _ Transmission of Decisions
💼 IA-10 Adaptive Authentication
💼 IA-11 Re-authentication
💼 IA-12 Identity Proofing6
    💼 IA-12(1) Identity Proofing _ Supervisor Authorization
    💼 IA-12(2) Identity Proofing _ Identity Evidence
    💼 IA-12(3) Identity Proofing _ Identity Evidence Validation and Verification
    💼 IA-12(4) Identity Proofing _ In-person Validation and Verification
    💼 IA-12(5) Identity Proofing _ Address Confirmation
    💼 IA-12(6) Identity Proofing _ Accept Externally-proofed Identities