The DBMS must map the PKI-authenticated identity to an associated user account.
An XCCDF Rule
Description
The DOD standard for authentication is DOD-approved PKI certificates. Once a PKI certificate has been validated, it must be mapped to a DBMS user account for the authenticated identity to be meaningful to the DBMS and useful for authorization decisions.
- ID
- SV-259251r961044_rule
- Version
- EPAS-00-004700
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure PostgreSQL to map authenticated identities directly to PostgreSQL user accounts.