SC-28(3): Cryptographic Keys

CSF v1.1 References:

Baselines:

(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

Provide protected storage for cryptographic keys [Assignment: [Assignment: organization-defined safeguards] , hardware-protected key store].

Supplemental Guidance

A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.