The operating system must dynamically manage identifiers, attributes, and associated access authorizations.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33099	SRG-OS-000119-NA	SV-43497r1_rule		Medium

Description
Dynamic management of identities and association of attributes and privileges with these identities are anticipated and provisioned. Pre-established trust relationships and mechanisms with appropriate authorities to validate identities and related credentials are essential. Rationale for non-applicability: NIST SP 800-53 IA-4 states that this control applies when service-oriented architectures establish identities at run time for entities that were previously unknown. Per the scope of the MOS SRG, mobile devices do not provide services to remote users and therefore do not provide identities for unknown entities.

Description

Dynamic management of identities and association of attributes and privileges with these identities are anticipated and provisioned. Pre-established trust relationships and mechanisms with appropriate authorities to validate identities and related credentials are essential. Rationale for non-applicability: NIST SP 800-53 IA-4 states that this control applies when service-oriented architectures establish identities at run time for entities that were previously unknown. Per the scope of the MOS SRG, mobile devices do not provide services to remote users and therefore do not provide identities for unknown entities.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41358r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-36999r1_fix)
The requirement is NA. No fix is required.