The application must accept Federal Identity, Credential, and Access Management (FICAM)-approved third-party credentials.

Description

<VulnDiscussion>FICAM establishes a federated identity framework for the federal government. FICAM provides government-wide services for common Identity, Credential and Access Management (ICAM) requirements. The FICAM Trust Framework Solutions (TFS) is the federated identity framework for the U.S. federal government. The TFS is a process by which Industry Trust Frameworks (The codification of requirements for credentials and their issuance, privacy and security requirements, as well as auditing qualifications and processes) are evaluated and assessed for potential use by the government. A Trust Framework that is comparable to federal standards is adopted through this process, which allows federal government Relying Parties (Federal Government websites or RP's) to trust Credential Service Providers (a.k.a. Identity Providers) that have been assessed under that particular trust framework. This allows federal government relying parties to trust such credentials at their approved assurance levels. This requirement only applies to applications that are intended to be accessible to nonfederal government agencies and other partners through FICAM. Third-party credentials are those credentials issued by nonfederal government entities approved by the FICAM TFS initiative.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>