Security Requirements for 03.05.05 Identifier Management

Identifiers are provided for users, processes acting on behalf of users, and devices. Prohibiting the reuse of identifiers prevents the assignment of previously used individual, group, role, service, or device identifiers to different individuals, groups, roles, services, or devices. Characteristics that identify the status of individuals include contractors, foreign nationals, and non-organizational users. Identifying the status of individuals by these characteristics provides information about the people with whom organizational personnel are communicating. For example, it is useful for an employee to know that one of the individuals on an email message is a contractor.

View CPRT 03.05.05

  1. 03.05.05.a

    Receive authorization from organizational personnel or roles to assign an individual, group, role, service, or device identifier.

  1. 03.05.05.b

    Select and assign an identifier that identifies an individual, group, role, service, or device.

  1. 03.05.05.c

    Prevent the reuse of identifiers for [Assignment: organization-defined time period].

  1. 03.05.05.d

    Manage individual identifiers by uniquely identifying each individual as [Assignment: organization-defined characteristic identifying individual status].