
NIST 800-171 - Session Authenticity (3.13.15)

Overview:
Protect the authenticity of communications sessions.


Action Items:
3.13.15[a]
Determine if: the authenticity of communications sessions is protected.


POTENTIAL ASSESSMENT METHODS AND OBJECTS


1. Examine: System and communications protection policy; procedures addressing session authenticity; system security plan; system design documentation; system configuration settings and associated documentation; system audit logs and records; other relevant documents or records.

2. Interview: System or network administrators; personnel with information security responsibilities.

3. Test: Mechanisms supporting or implementing session authenticity.


Related Documents (document name and content will vary by organization):
1) System and communications protection policy
2) procedures addressing session authenticity
3) system security plan
4) system design documentation
5) system configuration settings and associated documentation
6) system audit logs and records
7) other relevant documents or records


Additional Guidance:
This requirement addresses communications protection at the session versus packet level (e.g., sessions in service-oriented architectures providing web-based services) and establishes grounds for confidence at both ends of communications sessions in ongoing identities of other parties and in the validity of information transmitted. Authenticity protection includes, for example, protecting against man-in-the-middle attacks, session hijacking, and the insertion of false information into sessions. NIST Special Publications 800-52, 800-77, 800-95, and 800-113 provide guidance on secure communications sessions.
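Added example, not code from NIST or from this page: the "Test" assessment method above asks an assessor to exercise the mechanisms that implement session authenticity, and for web-based services that mechanism is usually TLS (the subject of SP 800-52). The block builds a Python TLS client context that authenticates the peer, the weakened form that an assessor would flag as permitting a man-in-the-middle, and a check that reports the findings; the finding strings and function names are this example's own.

```python
import ssl

# Added example: TLS client contexts illustrating the session-authenticity
# objective, plus an assessor-style check over a context's settings.


def hardened_client_context() -> ssl.SSLContext:
    """Client context that authenticates the server and rejects downgrade.

    create_default_context() already requires a trusted certificate and
    checks the hostname; the minimum version is pinned explicitly so the
    interpreter's default cannot silently permit TLS 1.0/1.1.
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weakened_client_context() -> ssl.SSLContext:
    """The misconfiguration assessors commonly find: verification disabled.

    Any party able to intercept the connection can present an arbitrary
    certificate, so the client has no grounds for confidence in the
    identity of the other end of the session.
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.check_hostname = False  # must be cleared before verify_mode = CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def session_authenticity_findings(ctx: ssl.SSLContext) -> list[str]:
    """Return assessment findings for a client context; empty means no issue."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required (verify_mode)")
    if not ctx.check_hostname:
        findings.append("hostname not checked against certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS versions below 1.2 permitted")
    return findings


if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_client_context()),
                      ("weakened", weakened_client_context())):
        print(name, session_authenticity_findings(ctx) or "no findings")
```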