Skip to content
Catalogs
XCCDF
CA API Gateway ALG Security Technical Implementation Guide
SRG-NET-000349-ALG-000106
The CA API Gateway providing user authentication intermediary services must conform to Federal Identity, Credential, and Access Management (FICAM) issued profiles.
The CA API Gateway providing user authentication intermediary services must conform to Federal Identity, Credential, and Access Management (FICAM) issued profiles. An XCCDF Rule
The CA API Gateway providing user authentication intermediary services must conform to Federal Identity, Credential, and Access Management (FICAM) issued profiles.
Medium Severity
<VulnDiscussion>Without conforming to FICAM-issued profiles, the information system may not be interoperable with FICAM authentication protocols, such as SAML 2.0 and OpenID 2.0.
Use of FICAM-issued profiles addresses open identity management standards.
This requirement only applies to components where this is specific to the function of the device or has the concept of a non-organizational user, (e.g., ALG capability that is the front end for an application in a DMZ).
CA API Gateway must be capable of producing and validating FICAM-compliant SAML.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>