GPOS SRG: General Purpose Operating System Security Requirements Guide
This General Purpose Operating System (GPOS) Security Requirements Guide (SRG) provides the technical security policies and requirements for applying security concepts to systems. This SRG specifies security requirements for commercial-off-the-shelf (COTS) or government- off-the-shelf (GOTS) general purpose operating systems (GPOSs) in networked environments. An operating system conformant to this SRG may be operated as a server system within a data center or a client system used directly by one or more human users. This guide assumes operation within a single security domain. Cross-domain solution (CDS) and Multi-Level Security (MLS) requirements are beyond the scope of this guide.
-
SRG-OS-000373-GPOS-00158
The operating system must require users to reauthenticate when changing authenticators. -
SRG-OS-000375-GPOS-00160
The operating system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is pr... -
SRG-OS-000375-GPOS-00161
-
SRG-OS-000375-GPOS-00162
-
SRG-OS-000376-GPOS-00161
The operating system must accept Personal Identity Verification (PIV) credentials. -
SRG-OS-000377-GPOS-00162
The operating system must electronically verify Personal Identity Verification (PIV) credentials. -
SRG-OS-000378-GPOS-00163
The operating system must authenticate peripherals before establishing a connection. -
SRG-OS-000380-GPOS-00165
-
SRG-OS-000383-GPOS-00166
The operating system must prohibit the use of cached authenticators after one day. -
SRG-OS-000384-GPOS-00167
The operating system, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in cas...
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.