
The IDPS must enforce authorized access to the corresponding private key for PKI-based authentication.


Overview

Finding ID: V-34682
Version: SRG-NET-000165-IDPS-00123
Rule ID: SV-45561r1_rule
IA Controls:
Severity: Medium
Description
The principal factor of PKI implementation is the private key used to encrypt or digitally sign information. If the private key is discovered, an attacker can use the key to authenticate as an authorized user and gain access to the network infrastructure. This control applies to accounts configured or controlled by the IDPS itself.
STIG: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
Date: 2012-11-19

Details

Check Text (C-42911r1_chk)
If authentication functionality is provided by the underlying platform's account management system or by a network authentication server rather than the IDPS application itself, this is not a finding.

Verify settings for controlling authorized access to private keys are enabled.

If a rigorous technical key management policy is not in place to protect the private keys, this is a finding.
Fix Text (F-38958r1_fix)
Enable the setting on the IDPS that controls the authorized access to the user's private key.