IA-4(5)—Identifier Management
>Control Description
>Supplemental Guidance
In contrast to conventional approaches to identification which presume static accounts for pre-registered users, many distributed information systems including, for example, service-oriented architectures, rely on establishing identifiers at run time for entities that were previously unknown. In these situations, organizations anticipate and provision for the dynamic establishment of identifiers. Pre-established trust relationships and mechanisms with appropriate authorities to validate identities and related credentials are essential.
Related control: AC-16.
>Tailoring Guidance
This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis.
Ask AI
Configure your API key to use AI features.