CCI-000187

For public key-based authentication, map the authenticated identity to the account of the individual or group.

Implementation Guidance

Determine if the authenticated identity is mapped to the account of the individual or group for public key-based authentication.

Validation Procedures

Examine: [SELECT FROM: Identification and authentication policy; procedures addressing authenticator management; system security plan; system design documentation; system configuration settings and associated documentation; PKI certification validation records; PKI certification revocation lists; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with PKI-based, authenticator management responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers]. Test: [SELECT FROM: Mechanisms supporting and/or implementing PKI-based, authenticator management capability].

The controls below (if any) were marked by NIST as being related to CCI-000187.