Barriers Library
Reusable barriers — prevention barriers sit on threat paths, mitigation barriers on consequence paths.
Add Barrier
Tags:
clear tags
13 barriers — page 1 of 1
| Name | Type | Category | Tags | Description | |
|---|---|---|---|---|---|
| SR 1.1 – Human User Identification and Authentication | prevention | Identification and Authentication Control | The system shall identify and authenticate all human users. This requirement applies to all interfac… | Edit | |
| SR 1.10 – Authenticator Feedback | prevention | Identification and Authentication Control | The system shall obscure feedback of authentication information during the authentication process to… | Edit | |
| SR 1.11 – Unsuccessful Login Attempts | prevention | Identification and Authentication Control | The system shall enforce a limit on consecutive unsuccessful login attempts and apply a response suc… | Edit | |
| SR 1.12 – System Use Notification | prevention | Identification and Authentication Control | The system shall display an approved system use notification message before granting access, providi… | Edit | |
| SR 1.13 – Access via Untrusted Networks | prevention | Identification and Authentication Control | The system shall monitor and control all access to the control system via untrusted networks. Remote… | Edit | |
| SR 1.2 – Software Process and Device Identification and Authentication | prevention | Identification and Authentication Control | The system shall identify and authenticate all software processes and devices that attempt to access… | Edit | |
| SR 1.3 – Account Management | prevention | Identification and Authentication Control | The system shall support the management of accounts including creation, modification, disabling, and… | Edit | |
| SR 1.4 – Identifier Management | prevention | Identification and Authentication Control | The system shall support and enforce identifier management policies, including unique identifiers pe… | Edit | |
| SR 1.5 – Authenticator Management | prevention | Identification and Authentication Control | The system shall enforce authenticator management practices including initial generation, distributi… | Edit | |
| SR 1.6 – Wireless Access Management | prevention | Identification and Authentication Control | The system shall identify and authenticate wireless access to the control system using recognized go… | Edit | |
| SR 1.7 – Strength of Password-Based Authentication | prevention | Identification and Authentication Control | The system shall enforce minimum password strength requirements such as length, complexity, and hist… | Edit | |
| SR 1.8 – Public Key Infrastructure Certificates | prevention | Identification and Authentication Control | The system shall implement and maintain a PKI for issuing, validating, revoking, and renewing digita… | Edit | |
| SR 1.9 – Strength of Public Key Authentication | prevention | Identification and Authentication Control | The system shall use public key authentication mechanisms with sufficient cryptographic strength. Ke… | Edit |