|

controlIA-13

Identity Providers and Authorization Servers (IA-13)

Employ identity providers and authorization servers to manage user, device, and non-person entity (NPE) identities, attributes, and access rights supporting authentication and authorization decisions in accordance with [organization-defined] using [organization-defined].

identificationauthenticationidentity

Why These Connect

Supports16

These related controls work together — a change to one may affect the others.

Enhances3

These enhancements add specific capabilities or refinements to the base control.

Related Controls(8)

AC-3Access Enforcement (AC-3)

IA-2Identification and Authentication (Organizational Users) (IA-2)

IA-3Device Identification and Authentication (IA-3)

IA-8Identification and Authentication (Non-organizational Users) (IA-8)

IA-9Service Identification and Authentication (IA-9)IA-12Identity Proofing (IA-12)

SC-12Cryptographic Key Establishment and Management (SC-12)

SC-13Cryptographic Protection (SC-13)

Control Enhancements(3)

IA-13(1)Protection of Cryptographic Keys (IA-13(1))

IA-13(2)Verification of Identity Assertions and Access Tokens (IA-13(2))

IA-13(3)Token Management (IA-13(3))

See Also

@SP 800-53 Overview ⚖Compare Baselines