Applications must employ cryptographic mechanisms to recognize changes to information during transmission unless otherwise protected by alternative physical measures.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27058	SRG-APP-NA	SV-34353r1_rule		Medium

Description
Ensuring the integrity of transmitted information requires that applications take measures to employ some form of cryptographic mechanism in order to recognize changes to information. This is usually achieved through the use of checksums, cryptographic hash or message authentication. Alternative physical protection measures include, Protected Distribution Systems (PDS). PDS are used to transmit unencrypted classified NSI through an area of lesser classification or control. In as much as the classified NSI is unencrypted, the PDS must provide adequate electrical, electromagnetic, and physical safeguards to deter exploitation. This is a requirement for PDS systems to use cryptographic mechanisms and is not an application requirement.

Description

Ensuring the integrity of transmitted information requires that applications take measures to employ some form of cryptographic mechanism in order to recognize changes to information. This is usually achieved through the use of checksums, cryptographic hash or message authentication. Alternative physical protection measures include, Protected Distribution Systems (PDS). PDS are used to transmit unencrypted classified NSI through an area of lesser classification or control. In as much as the classified NSI is unencrypted, the PDS must provide adequate electrical, electromagnetic, and physical safeguards to deter exploitation. This is a requirement for PDS systems to use cryptographic mechanisms and is not an application requirement.

STIG	Date
Application Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None