Secure Req 13

From IDESG Wiki

SECURE-13. REVOCATION

Entities that issue credentials or tokens MUST have processes and procedures in place to invalidate credentials and tokens.

SUPPLEMENTAL GUIDANCE

Service Providers must be capable of revoking, deactivating, or otherwise invalidating credentials or tokens. Invalidated credentials include those that have expired, have been determined to be compromised, or have been canceled by either the issuing entity or user.

Timeliness of revocation and deactivation may be dictated by regulation, environment, or trust frameworks.

REFERENCES

FICAM TFPAP Trust Criteria, Token & Credential Management, LOA 2-3, #4 (p.32)

APPLIES TO ACTIVITIES

REGISTRATION, CREDENTIALING

KEYWORDS

CREDENTIAL, EXPIRY, LOSS, PROCESS, REVOCATION, SECURITY, TOKEN


