Hardware Token-Based Authentication IA-5(11)

Overview:
The information system, for hardware token-based authentication, employs mechanisms that satisfy [Assignment: organization-defined token quality requirements].

Supplemental Guidance:
Hardware token-based authentication typically refers to the use of PKI-based tokens, such as the U.S. Government Personal Identity Verification (PIV) card. Organizations define specific requirements for tokens, such as working with a particular PKI.

Action Items:
1) Ensure that hardware token-based authentication meets organizational requirements

Related Documents:
1) Identity and Access Management Policy

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none