Back

Implement federated identity systems, as necessary.


CONTROL ID
13837
CONTROL TYPE
Technical Security
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a digital identity management program., CC ID: 13713

This Control has the following implementation support Control(s):
  • Authenticate all systems in a federated identity system., CC ID: 13835


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • The IAL, AAL, and FAL SHALL be known to the RP at the conclusion of the federation transaction. This information MAY be pre-established or the IdP MAY communicate this at runtime in the assertion. For example, the information can be presented using technologies defined in [RFC 8485], [OIDC4IA], or [… (7.2 ΒΆ 2, FIPS Pub 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors)