https://wiki.idesg.org/index.php?action=history&feed=atom&title=Secure_Req_4 2026-05-01T09:43:23Z Revision history for this page on the wiki MediaWiki 1.38.4 https://wiki.idesg.org/index.php?title=Secure_Req_4&diff=6627&oldid=prev 2018-06-28T04:03:36Z

<p>8 revisions imported: Initial Upload of old pages from IDESG Wiki</p> <p><b>New page</b></p><div>&#039;&#039;&lt;&lt; Back to [[Baseline_Functional_Requirements_v1.0|Baseline Functional Requirements Index]]&#039;&#039;<br /> <br /> == SECURE-4. CREDENTIAL PROTECTION ==<br /> Entities that issue or manage credentials and tokens MUST implement industry-accepted data integrity practices to enable individuals and other entities to verify the source of credential and token data.<br /> <br /> === SUPPLEMENTAL GUIDANCE ===<br /> When providing token and credential information to users, steps must be taken to allow users to authenticate the source of the information. This can include digital signing of credential information, providing secure transport mechanisms for the information (e.g., properly configured TLS), or delivering the information out of band (e.g., traditional mail or SMS).<br /> <br /> === REFERENCES ===<br /> FICAM TFPAP Trust Criteria, Registration and Issuance, LOA 2-3, #4 (p.21, 37)<br /> <br /> === APPLIES TO ACTIVITIES ===<br /> [[IDEF Functional Model CREDENTIALING|CREDENTIALING]]<br /> <br /> === KEYWORDS ===<br /> [[IDEF Keywords CREDENTIAL|CREDENTIAL]], [[IDEF Keywords DATA-INTEGRITY|DATA-INTEGRITY]], [[IDEF Keywords SECURITY|SECURITY]], [[IDEF Keywords TOKEN|TOKEN]]<br /> ----<br /> ----<br /> Quick Links: [[SALS]] | [[Baseline Functional Requirements v1.0]] | [[Glossary]] |<br /> <br /> ----<br /> ----</div>

Omaerz