SC-28(3): Cryptographic Keys

Control Family:

System and Communications Protection

Parent Control:

SC-28: Protection of Information at Rest

CSF v1.1 References:

Threats Addressed:

Baselines:

(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

Provide protected storage for cryptographic keys [Assignment: [Assignment: organization-defined safeguards] , hardware-protected key store].

Supplemental Guidance

A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.

Related Controls

NIST Special Publication 800-53 Revision 5