Description:

Authenticity protection includes protecting against man-in-the-middle attacks, session hijacking, and the insertion of false information into communications sessions. This requirement addresses communications protection at the session level rather than the packet level (e.g., sessions in service-oriented architectures providing web-based services) and establishes grounds for confidence, at both ends of a communications session, in the ongoing identities of the other parties and in the validity of the information transmitted. [SP 800-77], [SP 800-95], and [SP 800-3] provide guidance on secure communications sessions.


Priority: High



Category:
Network Security 



Services Associated with AWS:

  1. AWS Shield
  2. Amazon GuardDuty
  3. AWS Certificate Manager
  4. AWS Key Management Service (KMS)
  5. Amazon API Gateway


Objective Evidence:  

  • Administrative: documented policies, standards & procedures
  • Administrative: supporting documentation to demonstrate the "secure practices" used to build technology platform-specific secure baseline configurations
  • Technical: screen shot of configuration settings
  • Technical: screen shot of cryptography in use


Possible Technology Considerations:

  • Secure Baseline Configurations (SBC)
  • Cryptographic Solution (data in transit)


What needs to be answered?

Are controls in place to protect session communications (e.g., controls that validate the identities of the parties and the information transmitted, so as to protect against man-in-the-middle attacks, session hijacking, and the insertion of false information into sessions)? Does the system provide mechanisms to protect the authenticity of device-to-device communications sessions?

  • Session Authenticity Protection Check
    Description: This check ensures that the authenticity of communications sessions is protected. It verifies that the endpoints of a session are authenticated, so that man-in-the-middle attacks, session hijacking, and the insertion of false information into communications sessions are prevented, and that each party can rely on the ongoing identity of the other and on the validity of the information transmitted.
  • Secure Communication Session Check
    Description: This check ensures that secure communications sessions are established and maintained. It verifies that protocols and mechanisms for secure communication are in place, including TLS with certificate-based authentication of the server (and of the client as well for device-to-device sessions), a minimum protocol version of TLS 1.2 (SSL and TLS 1.0/1.1 are deprecated), authenticated key exchange, and other methods that protect the confidentiality and integrity of data in transit. Encryption alone does not satisfy this check: a session that is encrypted but whose peer certificate is not validated is still open to a man-in-the-middle.


More Details:

Communications sessions are authenticated, encrypted, and monitored to prevent man-in-the-middle attacks. Encryption by itself does not stop a man-in-the-middle; the evidence must show that each endpoint validates the other party's certificate against the expected identity and rejects sessions where that validation fails.