Secure Req 7

From IDESG Wiki
Revision as of 04:03, 28 June 2018 by Omaerz (talk | contribs) (7 revisions imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

<< Back to Baseline Functional Requirements Index

SECURE-7. TOKEN CONTROL

Entities that authenticate a USER MUST employ industry-accepted secure authentication protocols to demonstrate the USER's control of a valid token.

SUPPLEMENTAL GUIDANCE

Successful authentication requires that the user prove, through a secure authentication protocol, that he or she controls the appropriate token(s). Control is best demonstrated by a user providing token value through the authentication protocol (e.g., password, PIN, or biometric).

REFERENCES

FICAM TFPAP Trust Criteria, Authentication Process, LOA 2, #6 (p.21)

APPLIES TO ACTIVITIES

AUTHENTICATION

KEYWORDS

CONTROLS, IDENTIFIER, PROVISIONING, SECURITY, TOKEN



Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |