Detections
Analytics

1.30 UBTU-24-100910

Information

The operating system must accept Personal Identity Verification (PIV) credentials managed through the Privileged Access Management (PAM) framework.

GROUP ID: V-270673
RULE ID: SV-270673r1067164

The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access.

DOD has mandated the use of the common access card (CAC) to support identity management and personal authentication for systems covered under Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a primary component of layered protection for national security systems.

Solution

Install the "libpam-pkcs11" package by using the following command:

$ sudo apt-get install libpam-pkcs11

See Also

https://workbench.cisecurity.org/benchmarks/22775

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2(1), 800-53|IA-2(2), 800-53|IA-2(3), 800-53|IA-2(4), 800-53|IA-2(11), CAT|II, CCI|CCI-000765, CCI|CCI-000766, CCI|CCI-000767, CCI|CCI-000768, CCI|CCI-001948, CCI|CCI-004046, CCI|CCI-004047, CSCv7|16.3, Rule-ID|SV-270673r1067164_rule, STIG-ID|UBTU-24-100910, Vuln-ID|V-270673

Plugin: Unix

Control ID: 4bff61844a813dc366bff1e8681ac90fc4876888dd2e7e2d9ed3b29f93fbc381