Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
IBM Aspera Platform 4.2 Security Technical Implementation Guide
SRG-NET-000062-ALG-000011
The IBM Aspera High-Speed Transfer Server must enable the use of dynamic token encryption keys.
The IBM Aspera High-Speed Transfer Server must enable the use of dynamic token encryption keys.
An XCCDF Rule
Details
Profiles
Prose
The IBM Aspera High-Speed Transfer Server must enable the use of dynamic token encryption keys.
Medium Severity
<VulnDiscussion>Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. The dynamic token encryption key is used for encrypting authorization tokens dynamically for improved security and time-limited validity which limits the chances of a key becoming compromised. NOTE: A dynamic token encryption key can be set for an individual user or a system group. Satisfies: SRG-NET-000062-ALG-000011, SRG-NET-000400-ALG-000097</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>