Documentation - V-204745

V-204745

Application Server Security Requirements Guide

CAT II

Title

The application server must use an approved DOD enterprise identity, credential, and access management (ICAM) solution to uniquely identify and authenticate users (or processes acting on behalf of organizational users).

Description

<VulnDiscussion>To ensure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished via the use of a user store, which is either local (OS-based) or centralized (LDAP). However, DoDI 8520.03 now requires that applications use an approved DOD enterprise (E-ICAM) solution whenever the ICAM solution addresses information system needs. Where the ICAM solution has been evaluated and found to not meet the need...

Fix Text (Documentation Requirement)

Configure the application server to use an approved enterprise ICAM solution to uniquely identify and authenticate users and processes acting on behalf of organizational users.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel