IA-4(5): Dynamic Management

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Previous Version:

Control Statement

Manage individual identifiers dynamically in accordance with [Assignment: organization-defined dynamic identifier policy].

Supplemental Guidance

In contrast to conventional approaches to identification that presume static accounts for preregistered users, many distributed systems establish identifiers at runtime for entities that were previously unknown. When identifiers are established at runtime for previously unknown entities, organizations can anticipate and provision for the dynamic establishment of identifiers. Pre-established trust relationships and mechanisms with appropriate authorities to validate credentials and related identifiers are essential.