Overview:
The information system, for hardware token-based authentication, employs mechanisms that satisfy [Assignment: organization-defined token quality requirements].
Supplemental Guidance:
Hardware token-based authentication typically refers to the use of PKI-based tokens, such as the U.S. Government Personal Identity Verification (PIV) card. Organizations define specific requirements for tokens, such as working with a particular PKI.
Action Items:
1) Ensure that hardware token-based authentication meets organizational requirements
Related Documents:
1) Identity and Access Management Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 709
Created: September 30, 2022
Last Updated: September 30, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/hardware-token-based-authentication-ia-5-11-709.html