AC-17(10): Authenticate Remote Commands

Control Family:

Access Control

Parent Control:

AC-17: Remote Access

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Info icon.

Control is new to this version of the control set and incorporates the following control from the previous version: SI-3(9): Authenticate Remote Commands.

Control Statement

Implement [Assignment: organization-defined mechanisms] to authenticate [Assignment: organization-defined remote commands].

Supplemental Guidance

Authenticating remote commands protects against unauthorized commands and the replay of authorized commands. The ability to authenticate remote commands is important for remote systems for which loss, malfunction, misdirection, or exploitation would have immediate or serious consequences, such as injury, death, property damage, loss of high value assets, failure of mission or business functions, or compromise of classified or controlled unclassified information. Authentication mechanisms for remote commands ensure that systems accept and execute commands in the order intended, execute only authorized commands, and reject unauthorized commands. Cryptographic mechanisms can be used, for example, to authenticate remote commands.