IA-11: Re-authentication

An OSCAL Control

Statement

Require users to re-authenticate when .
- - Guidance:
    The fixed time period cannot exceed the limits set in SP 800-63. At this writing they are:
    
    AAL2 (moderate baseline)
    12 hours or
    30 minutes of inactivity