Establish, implement, and maintain federated identity systems.
CONTROL ID 13837
CONTROL TYPE Technical Security
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Establish, implement, and maintain a digital identity management program., CC ID: 13713
This Control has the following implementation support Control(s):
Authenticate all systems in a federated identity system., CC ID: 13835
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Provide personal identification functions. (P10.1. ¶ 3(1), FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
The IAL, AAL, and FAL SHALL be known to the RP at the conclusion of the federation transaction. This information MAY be pre-established or the IdP MAY communicate this at runtime in the assertion. For example, the information can be presented using technologies defined in [RFC 8485], [OIDC4IA], or [… (7.2 ¶ 2, FIPS Pub 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors)