Omaerz: 7 revisions imported: Initial Upload of old pages from IDESG Wiki

2018-06-28T04:03:35Z

7 revisions imported: Initial Upload of old pages from IDESG Wiki

New page

''<< Back to [[Baseline_Functional_Requirements_v1.0|Baseline Functional Requirements Index]]''

== SECURE-3. CREDENTIAL REPRODUCTION ==
Entities that issue or manage credentials and tokens MUST implement industry-accepted processes to protect against their unauthorized disclosure and reproduction.

=== SUPPLEMENTAL GUIDANCE ===
Potential controls that can be put in place to prevent unauthorized disclosure and reproduction
include:
* The use of secure transport for credential and token data (see [[Secure Req 2|SECURE-2 (DATA INTEGRITY)]]);
* Implementation of industry accepted cryptographic techniques for the storage of credential and token data (see [[Secure Req 2|SECURE-2 (DATA INTEGRITY)]]);
* Implementation of industry accepted key management and protection techniques (see [[Secure Req 11|SECURE-11 (KEY MANAGEMENT)]]);
* Out-of-band distribution of credentials or tokens;
* In-person issuance of credentials or tokens; and
* Anti-tampering and/or counterfeiting mechanism for tokens with a physical instantiation

=== REFERENCES ===
FICAM TFPAP Trust Criteria, Registration and Issuance, LOA 2-3, #3 (p.21, 37)

=== APPLIES TO ACTIVITIES ===
[[IDEF Functional Model CREDENTIALING|CREDENTIALING]]

=== KEYWORDS ===
[[IDEF Keywords CREDENTIAL|CREDENTIAL]], [[IDEF Keywords DATA-INTEGRITY|DATA-INTEGRITY]], [[IDEF Keywords DUPLICATION|DUPLICATION]], [[IDEF Keywords PROCESS|PROCESS]], [[IDEF Keywords SECURITY|SECURITY]], [[IDEF Keywords TOKEN|TOKEN]]

----
----
Quick Links: [[SALS]] | [[Baseline Functional Requirements v1.0]] | [[Glossary]] |

----
----

Secure Req 3 - Revision history

Omaerz: 7 revisions imported: Initial Upload of old pages from IDESG Wiki