Check: SRG-APP-000405-AS-000250
Application Server SRG: SRG-APP-000405-AS-000250 (in versions v4 r2 through v2 r2)
Title
The application server must conform to Federal Identity, Credential, and Access Management (FICAM)-issued profiles. (Cat II impact)
Discussion
Without conforming to FICAM-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML 2.0 and OpenID 2.0. This requirement addresses open identity management standards.
Check Content
Review the application server documentation and configuration to determine if the application server conforms to FICAM-issued profiles. If the application server does not conform to FICAM-issued profiles, this is a finding.
Fix Text
Configure the application server to conform to FICAM-issued profiles.
Additional Identifiers
Rule ID: SV-204809r981696_rule
Vulnerability ID: V-204809
Group Title: SRG-APP-000405
CCIs
Number | Definition |
---|---|
CCI-004085 | Conform to organization-defined identity management profiles for identity management. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |