FedRAMP Control Explorer

SC-23 Session Authenticity

Control

Protect the authenticity of communications sessions.

Discussion

Protecting session authenticity addresses communications protection at the session level, not at the packet level. Such protection establishes grounds for confidence at both ends of communications sessions in the ongoing identities of other parties and the validity of transmitted information. Authenticity protection includes protecting against “man-in-the-middle” attacks, session hijacking, and the insertion of false information into sessions.

FedRAMP-Defined Assignment / Selection Parameters

N/A