← Back to catalog
IA-13(1)

Protection of Cryptographic Keys

Identification and Authentication (IA)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Cryptographic keys that protect access tokens are generated, managed, and protected from disclosure and misuse.

Discussion

Identity assertions and access tokens are typically digitally signed. The private keys used to sign these assertions and tokens are protected commensurate with the impact of the system and information resources that can be accessed.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.