UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system browser must support public-key certificate-based authentication to remote information systems.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32995 SRG-OS-000068-MOS-000043 SV-43393r1_rule Low
Description
The cornerstone of the PKI is the private key used to encrypt or digitally sign information. The key by itself is a cryptographic value that does not contain specific user information. The authenticated identity must be mapped to an account for access and authorization decisions. This capability strengthens authentication to remote information systems and thus makes it less likely that such systems will be compromised. Mobile devices without default PKI authentication capability in the browser may mitigate this through the use of authorized third-party browsers.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41292r1_chk )
Inspect the mobile operating system configuration for a browser to support public-key certificate-based authentication to remote information systems. If the default system browser does not meet this requirement, an authorized third-party browser may be used for compliance. If no browser supports public-key certificate-based authentication to remote information systems or unauthorized browsers are used for authentication, this is a finding.
Fix Text (F-36907r1_fix)
Configure the operating system browser to support public-key certificate-based authentication to remote information systems.