>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SC-11Trusted Path

Technical

>Control Description

(A) The information system establishes a trusted communications path between the user and the following security functions of the system: organization-defined security functions to include at a minimum, information system authentication and re-authentication.

>Supplemental Guidance

Trusted paths are mechanisms by which users (through input devices) can communicate directly with security functions of information systems with the requisite assurance to support information security policies. The mechanisms can be activated only by users or the security functions of organizational information systems. User responses via trusted paths are protected from modifications by or disclosure to untrusted applications.

Organizations employ trusted paths for high-assurance connections between security functions of information systems and users (e.g., during system logons). Enforcement of trusted communications paths is typically provided via an implementation that meets the reference monitor concept. Related controls: AC-16, AC-25

>Tailoring Guidance

This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis. Should be used to protect PIN entry for high robustness authentication mechanisms.

Ask AI

Configure your API key to use AI features.