IA-7: Cryptographic Module Authentication

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:


  • Low
    • IA-7
  • Moderate
    • IA-7
  • High
    • IA-7
  • Privacy


Previous Version:

Control Statement

Implement mechanisms for authentication to a cryptographic module that meet the requirements of applicable laws, executive orders, directives, policies, regulations, standards, and guidelines for such authentication.

Supplemental Guidance

Authentication mechanisms may be required within a cryptographic module to authenticate an operator accessing the module and to verify that the operator is authorized to assume the requested role and perform services within that role.