Secure Req 6
<< Back to Baseline Functional Requirements Index
SECURE-6. CREDENTIAL UNIQUENESS
Entities that issue or manage credentials MUST ensure that each account to credential pairing is uniquely identifiable within its namespace for authentication purposes.
A unique identifier must be assigned to each pairing of associated account and credential. This is to be used for the purposes of binding registration information with credentials in order to facilitate authentication and to avoid collisions of identifiers in the namespace.
FICAM TFPAP Trust Criteria, Security, LOA 1-3, #1 (p.19), ISO 27002 (2005) Section 11 (Access Control), FFIEC, PCI-DSS 8.1 (http://pcidsscompliance.net/pci-dss-requirements/how-to-comply-to-requirement-8-of-pci-dss/)