IA-03 Device Identification And Authentication

Control: The information system identifies and authenticates specific devices before establishing a connection.

Supplemental Guidance: The information system typically uses either shared known information (e.g., Media Access Control (MAC) or Transmission Control Protocol/Internet Protocol (TCP/IP) addresses) or an organizational authentication solution (e.g., IEEE 802.1x and Extensible Authentication Protocol (EAP) or a Radius server with EAP-Transport Layer Security (TLS) authentication) to identify and authenticate devices on local and/or wide area networks. The required strength of the device authentication mechanism is determined by the FIPS 199 security categorization of the information system with higher impact levels requiring stronger authentication.

Control Enhancements: (0) None.

Baseline: LOW Not Selected MOD IA-3 HIGH IA-3

Family: Identification And Authentication

Class: Technical

ISO 17799 mapping: 11.4.2, 11.4.3, 11.7.1

COBIT 4.1 mapping: None.

PCI-DSS v2 mapping: None.