AC-17(10): Authenticate Remote Commands
Control Family:
Parent Control:
Threats Addressed:
Baselines:
(Not part of any baseline)
Control is new to this version of the control set and incorporates the following control from the previous version: SI-3(9): Authenticate Remote Commands.
Control Statement
Implement [Assignment: organization-defined mechanisms] to authenticate [Assignment: organization-defined remote commands].
Supplemental Guidance
Authenticating remote commands protects against unauthorized commands and the replay of authorized commands. The ability to authenticate remote commands is important for remote systems for which loss, malfunction, misdirection, or exploitation would have immediate or serious consequences, such as injury, death, property damage, loss of high value assets, failure of mission or business functions, or compromise of classified or controlled unclassified information. Authentication mechanisms for remote commands ensure that systems accept and execute commands in the order intended, execute only authorized commands, and reject unauthorized commands. Cryptographic mechanisms can be used, for example, to authenticate remote commands.