Check: SRG-APP-000405-AS-000250
Application Server SRG: SRG-APP-000405-AS-000250
(in versions v3 r4 through v2 r2)
Title
The application server must conform to FICAM-issued profiles. (Cat II impact)
Discussion
Without conforming to FICAM-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML 2.0 and OpenID 2.0. This requirement addresses open identity management standards.
Check Content
Review the application server documentation and configuration to determine if the application server conforms to FICAM-issued profiles. If the application server does not conform to FICAM-issued profiles, this is a finding.
Fix Text
Configure the application server to conform to FICAM-issued profiles.
Additional Identifiers
Rule ID: SV-204809r879778_rule
Vulnerability ID: V-204809
Group Title: SRG-APP-000405
CCIs
Number | Definition |
---|---|
CCI-002014 | The information system conforms to FICAM-issued profiles. |
Controls
Number | Title |
---|---|
IA-8 (4) | Use of FICAM-Issued Profiles |