>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IA-9(2)Service Identification And Authentication

Technical

>Control Description

SERVICE IDENTIFICATION AND AUTHENTICATION | TRANSMISSION OF DECISIONS The organization ensures that identification and authentication decisions are transmitted between organization-defined services and are consistent with organizational policies.

>Supplemental Guidance

For distributed architectures (e.g., service-oriented architectures), the decisions regarding the validation of identification and authentication claims may be made by services separate from the services acting on those decisions. In such situations, it is necessary to provide the identification and authentication decisions (as opposed to the actual identifiers and authenticators) to the services that need to act on those decisions. Related control: SC-8.

>Tailoring Guidance

This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis.

Ask AI

Configure your API key to use AI features.