Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35517 | SRG-APP-000191-MAPP-NA | SV-46804r1_rule | Medium |
Description |
---|
The application user interface must provide an unspoofable and faithful communication channel between the user and any entity trusted to manipulate authorities on the user's behalf. A trusted path shall be employed for high-confidence connections between the security functions of the information system and the user (e.g., for login). Rationale for non-applicability: This control is required in the MOS SRG. The operating system provides the only means to establish trusted communications paths internal to a mobile device because the operating system can always act as a man-in-the-middle to any application control. |
STIG | Date |
---|---|
Mobile Application Security Requirements Guide | 2013-01-04 |
Check Text ( C-43857r1_chk ) |
---|
This requirement is NA for the MAPP SRG. |
Fix Text (F-40058r1_fix) |
---|
The requirement is NA. No fix is required. |