zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-02 16:02:15 +02:00
Code Issues Projects Releases Packages Wiki Activity
manage.get.gov/docs/compliance/dist/system-security-plans/ato/sc-23.md
Logan McDonald 8d493d2e44
Document things cloud.gov CRM fully supports (#122) 
* document things cloud.gov crm fully supports

* run make assemble
2022-10-13 10:36:44 -04:00

1 KiB
Raw Blame History

implementation-status control-origination
c-implemented
c-inherited-cloud-gov

sc-23 - [catalog] Session Authenticity

Control Statement

Protect the authenticity of communications sessions.

Control guidance

Protecting session authenticity addresses communications protection at the session level, not at the packet level. Such protection establishes grounds for confidence at both ends of communications sessions in the ongoing identities of other parties and the validity of transmitted information. Authenticity protection includes protecting against "man-in-the-middle" attacks, session hijacking, and the insertion of false information into sessions.

Control assessment-objective

the authenticity of communication sessions is protected.

What is the solution and how is it implemented?

Customer applications fully inherit this control from cloud.gov.