CoreOS 4.x - Identification and Authentication

Control responses for NIST 800-53 rev4.

NOTE: All CoreOS content is under active development through the ComplianceAsCode Project. Do not consider this content production ready!


Requirements Traceability Matrix

Control Name Status
IA-1 Identification And Authentication Policy And Procedures

not applicable

IA-2 Identification And Authentication (Organizational Users)

planned

IA-2 (1) Network Access To Privileged Accounts

planned

IA-2 (2) Network Access To Non-Privileged Accounts

planned

IA-2 (3) Local Access To Privileged Accounts

planned

IA-2 (4) Local Access To Non-Privileged Accounts

planned

IA-2 (5) Group Authentication

complete

IA-2 (6) Network Access To Privileged Accounts - Separate Device

planned

IA-2 (7) Network Access To Non-Privileged Accounts - Separate Device

planned

IA-2 (8) Network Access To Privileged Accounts - Replay Resistant

planned

IA-2 (9) Network Access To Non-Privileged Accounts - Replay Resistant

planned

IA-2 (10) Single Sign-On

planned

IA-2 (11) Remote Access - Separate Device

planned

IA-2 (12) Acceptance Of Piv Credentials

planned

IA-2 (13) Out-Of-Band Authentication

planned

IA-3 Device Identification And Authentication

planned

IA-3 (1) Cryptographic Bidirectional Authentication

planned

IA-3 (2) Cryptographic Bidirectional Network Authentication

not applicable

IA-3 (3) Dynamic Address Allocation

planned

IA-3 (4) Device Attestation

planned

IA-4 Identifier Management

planned

IA-4 (1) Prohibit Account Identifiers As Public Identifiers

planned

IA-4 (2) Supervisor Authorization

not applicable

IA-4 (3) Multiple Forms Of Certification

not applicable

IA-4 (4) Identify User Status

planned

IA-4 (5) Dynamic Management

planned

IA-4 (6) Cross-Organization Management

not applicable

IA-4 (7) In-Person Registration

not applicable

IA-5 Authenticator Management

planned

IA-5 (1) Password-Based Authentication

planned

IA-5 (2) Pki-Based Authentication

planned

IA-5 (3) In-Person Or Trusted Third-Party Registration

not applicable

IA-5 (4) Automated Support For Password Strength Determination

planned

IA-5 (5) Change Authenticators Prior To Delivery

planned

IA-5 (6) Protection Of Authenticators

planned

IA-5 (7) No Embedded Unencrypted Static Authenticators

planned

<