Navigate

IA-5(11)

IA-5(11): Hardware Token-based Authentication

The information system, for hardware token-based authentication, employs mechanisms that satisfy [organization-defined token quality requirements].

Supplemental

Hardware token-based authentication typically refers to the use of PKI-based tokens, such as the U.S. Government Personal Identity Verification (PIV) card. Organizations define specific requirements for tokens, such as working with a particular PKI.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to IA-5(11).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of IA-5(11).

Control	Description
No controls

Related CCIs

The CCIs below are tied to IA-5(11).

CCI	Definition
CCI-002002	The organization defines the token quality requirements to be employed by the information system mechanisms for token-based authentication.
CCI-002003	The information system, for token-based authentication, employs mechanisms that satisfy organization-defined token quality requirements.