control_freak | Controls | IA-13(01) - Protection of Cryptographic Keys

Cryptographic keys that protect access tokens are generated, managed, and protected from disclosure and misuse.

Baselines

Guidance

Identity assertions and access tokens are typically digitally signed. The private keys used to sign these assertions and tokens are protected commensurate with the impact of the system and information resources that can be accessed.

Related controls 2

SC-12 Cryptographic Key Establishment and Management L M H P
SC-13 Cryptographic Protection L M H P

IA-13(01) Protection of Cryptographic Keys

Baselines

Guidance

Related controls 2