Объединенная экспертная группа по инициативе преобразования


SC-12 Cryptographic Key Establishment and Management



страница30/48
Дата09.05.2018
Размер6.15 Mb.
1   ...   26   27   28   29   30   31   32   33   ...   48

SC-12

Cryptographic Key Establishment and Management







x

x

x

SC-12(1)

cryptographic key establishment and management | availability













x

SC-12(2)

cryptographic key establishment and management | symmetric keys
















SC-12(3)

cryptographic key establishment and management | asymmetric keys
















SC-12(4)

cryptographic key establishment and management | pki certificates

x

Incorporated into SC-12.

SC-12(5)

cryptographic key establishment and management | pki certificates / hardware tokens

x

Incorporated into SC-12.

SC-13

Cryptographic Protection







x

x

x

SC-13(1)

cryptographic protection | fips-validated cryptography

x

Incorporated into SC-13.

SC-13(2)

cryptographic protection | nsa-approved cryptography

x

Incorporated into SC-13.

SC-13(3)

cryptographic protection | individuals without formal access approvals

x

Incorporated into SC-13.

SC-13(4)

cryptographic protection | digital signatures

x

Incorporated into SC-13.

SC-14

Public Access Protections

x

Capability provided by AC-2, AC-3, AC-5, SI-3, SI-4, SI-5, SI-7, SI-10.

SC-15

Collaborative Computing Devices







x

x

x

SC-15(1)

collaborative computing devices | physical disconnect
















SC-15(2)

collaborative computing devices | blocking inbound / outbound communications traffic

x

Incorporated into SC-7.

SC-15(3)

collaborative computing devices | disabling / removal in secure work areas
















SC-15(4)

collaborative computing devices | explicitly indicate current participants
















SC-16

Transmission of Security Attributes
















SC-16(1)

transmission of security attributes | integrity validation
















SC-17

Public Key Infrastructure Certificates










x

x

SC-18

Mobile Code










x

x

SC-18(1)

mobile code | identify unacceptable code / take corrective actions
















SC-18(2)

mobile code | acquisition / development / use
















SC-18(3)

mobile code | prevent downloading / execution
















SC-18(4)

mobile code | prevent automatic execution
















SC-18(5)

mobile code | allow execution only in confined environments
















SC-19

Voice Over Internet Protocol










x

x

SC-20

Secure Name /Address Resolution Service

(Authoritative Source)







x

x

x

SC-20(1)

secure name / address resolution service (authoritative source) | child subspaces

x

Incorporated into SC-20.

SC-20(2)

secure name / address resolution service (authoritative source) | data origin / integrity
















SC-21

Secure Name /Address Resolution Service

(Recursive or Caching Resolver)







x

x

x

SC-21(1)

secure name / address resolution service (recursive or caching resolver) | data origin / integrity

x

Incorporated into SC-21.

SC-22

Architecture and Provisioning for

Name/Address Resolution Service







x

x

x

SC-23

Session Authenticity










x

x

SC-23(1)

session authenticity | invalidate session identifiers at logout
















SC-23(2)

session authenticity | user-initiated logouts / message displays

x

Incorporated into AC-12(1).

SC-23(3)

session authenticity | unique session identifiers with randomization
















SC-23(4)

session authenticity | unique session identifiers with randomization

x

Incorporated into SC-23(3).

SC-23(5)

session authenticity | allowed certificate authorities
















SC-24

Fail in Known State




x







x

SC-25

Thin Nodes
















SC-26

Honeypots
















SC-26(1)

honeypots | detection of malicious code

x

Incorporated into SC-35.

SC-27

Platform-Independent Applications
















SC-28

Protection of Information at Rest










x

x

SC-28(1)

protection of information at rest | cryptographic protection
















SC-28(2)

protection of information at rest | off-line storage
















SC-29

Heterogeneity




x










SC-29(1)

heterogeneity | virtualization techniques




x










SC-30

Concealment and Misdirection




x










SC-30(1)

concealment and misdirection | virtualization techniques

x

Incorporated into SC-29(1).

SC-30(2)

concealment and misdirection | randomness




x










SC-30(3)

concealment and misdirection | change processing / storage locations




x










SC-30(4)

concealment and misdirection | misleading information




x










SC-30(5)

concealment and misdirection | concealment of system components




x












Поделитесь с Вашими друзьями:
1   ...   26   27   28   29   30   31   32   33   ...   48


База данных защищена авторским правом ©vossta.ru 2019
обратиться к администрации

    Главная страница