UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The container platform must accept Personal Identity Verification (PIV) credentials from other federal agencies.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233202 SRG-APP-000402-CTR-000970 SV-233202r599509_rule Medium
Description
Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be validated by the overall container platform or they may be validated by each component. It is essential to accept PIV credentials from other federal agencies and eliminate the possibility of access being denied to authorized users. PIV credentials are those credentials issued by federal agencies that conform to FIPS Publication 201 and supporting guidance documents. OMB Memorandum 11-11 requires federal agencies to continue implementing the requirements specified in HSPD-12 to enable agency-wide use of PIV credentials.
STIG Date
Container Platform Security Requirements Guide 2020-11-24

Details

Check Text ( C-36138r599242_chk )
Review the documentation and configuration to determine if the container platform accepts PIV credentials from other federal agencies.

If the container platform does not accept other federal agency PIV credentials, this is a finding.
Fix Text (F-36106r599243_fix)
Configure the container platform to accept PIV credentials from other federal agencies.