The mobile operating system must verify the integrity of application software before each instance of its execution.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33060	SRG-OS-000097-MOS-000063	SV-43458r3_rule		Medium

Description
A common method to compromise system security is to modify application software to perform malicious functions that will execute when the user runs the application. Verifying the integrity of the software before execution protects against such an attack. This is typically accomplished by checking cryptographic hashes or digital signatures on software program files. Rationale for non-applicability: the feature as described is more suited for a Mobile Device Manager (MDM) to implement as opposed to an OS.

Description

A common method to compromise system security is to modify application software to perform malicious functions that will execute when the user runs the application. Verifying the integrity of the software before execution protects against such an attack. This is typically accomplished by checking cryptographic hashes or digital signatures on software program files. Rationale for non-applicability: the feature as described is more suited for a Mobile Device Manager (MDM) to implement as opposed to an OS.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41329r3_chk )
Review the mobile operating system configuration for the operating system to verify the integrity of program software before each instance of its execution. If the mobile operating system does not perform the verification, this is a finding.

Fix Text (F-36960r3_fix)
Configure the mobile operating system to verify the integrity of application software before each instance of its execution.