IA-5(9): Federated Credential Management

Control Family:

Identification and Authentication

Parent Control:

IA-5: Authenticator Management

CSF v1.1 References:

PR.AC-1
PR.AC-6
PR.AC-7

Threats Addressed:

Spoofing
Repudiation

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
IA-5(9): Cross-Organization Credential Management

Control Statement

Use the following external organizations to federate credentials: [Assignment: organization-defined external organizations].

Supplemental Guidance

Federation provides organizations with the capability to authenticate individuals and devices when conducting cross-organization activities involving the processing, storage, or transmission of information. Using a specific list of approved external organizations for authentication helps to ensure that those organizations are vetted and trusted.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5