UCF STIG Viewer Logo

The application server must dynamically manage identifiers, attributes, and associated access authorizations.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35308 SRG-APP-000162-AS-000110 SV-46595r1_rule Medium
Description
Dynamically managing identifiers typically involves authenticating the remote user or device and then creating and assigning a security token that is used as the identifier. Attribute management involves utilizing services such as LDAP, Kerberos and AD to determine the role and access restrictions associated with the identity. Authorization is granting or denying access to the requested resource based on identity and the associated role. The AS must be able to dynamically manage the identifiers, attributes, and access authorizations of users, devices and applications that attempt to utilize or otherwise access the application services provided by the AS.
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text ( C-43677r1_chk )
Review AS product documentation and configuration to determine if the AS automatically authenticates the remote user, device or application. Verify the AS creates a security token and incorporates services such as LDAP, Kerberos or AD to dynamically manage identifiers, attributes, and associated access restrictions. If the AS does not meet this requirement, this is a finding.
Fix Text (F-39854r2_fix)
Configure the AS to dynamically manage identifiers, attributes, and associated access authorizations.