Secure Req 7

From IDESG Wiki
Jump to navigation Jump to search

<< Back to Baseline Functional Requirements Index

SECURE-7. TOKEN CONTROL

Entities that authenticate a USER MUST employ industry-accepted secure authentication protocols to demonstrate the USER's control of a valid token.

SUPPLEMENTAL GUIDANCE

Successful authentication requires that the user prove, through a secure authentication protocol, that he or she controls the appropriate token(s). Control is best demonstrated by a user providing token value through the authentication protocol (e.g., password, PIN, or biometric).

REFERENCES

FICAM TFPAP Trust Criteria, Authentication Process, LOA 2, #6 (p.21)

APPLIES TO ACTIVITIES

AUTHENTICATION

KEYWORDS

CONTROLS, IDENTIFIER, PROVISIONING, SECURITY, TOKEN

Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |

Retrieved from "https://wiki.idesg.org/index.php?title=Secure_Req_7&oldid=6654"