UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must provide mutual authentication between the provisioning server and the provisioned device during a trusted over-the-air (OTA) provisioning session.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33013 SRG-OS-000087-MOS-000056 SV-43411r1_rule High
Description
Provisioning data includes operating system configuration, key material, and other initialization data. It may be sensitive and therefore must be adequately protected. An adversary within the general proximity of the mobile device can eavesdrop on OTA transactions, making them particularly vulnerable to attack if confidentiality protections are not in place. Proper use of cryptography provides strong assurance that provisioning data is protected against confidentiality attacks. When dealing with access restrictions pertaining to change control, it should be noted that any changes to the hardware, software, and/or firmware components of the information system can potentially have significant effects on the overall security of the system. Mutual authentication ensures both that the device is authorized for provisioning and that a rogue provisioning server is not used to obtain software. In this context, provisioning refers to configuration elements specific to the organization and user, and not installation of the base mobile OS. One way to ensure authentication of the server is to require that the MOS point to a specified URL for the provisioning process, and authenticate the URL-specified server using SSL/TLS.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41311r1_chk )
Review system documentation and operating system configuration to determine if there is mutual authentication between the provisioning server and the provisioned device. If additional assurance is required, validate the provisioning server will not provision software and data to an unauthorized device and that an authorized device will not connect to an unauthorized provisioning server (e.g., a valid provisioning server with its credentials temporarily removed for the test). If either the device does not authenticate the provisioning infrastructure, or vice versa, this is a finding.
Fix Text (F-36926r1_fix)
Configure the mobile operating system to mutually authenticate between the provisioning server and the provisioned device during a trusted over-the-air (OTA) provisioning session and prior to accepting provisioned software.