The application must perform data origin authentication and data integrity verification on all resolution responses received whether or not local client systems explicitly request this service.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35557 | SRG-APP-000217-MAPP-NA | SV-46844r1_rule | Medium |
| Description |
|---|
| A recursive resolving or caching Domain Name System (DNS) server is an example of an information system providing name/address resolution service for local clients. Authoritative DNS servers are examples of authoritative sources owning DNS data. Information systems using technologies other than the DNS to map between host/service names and network addresses provide other means to enable clients to verify the authenticity and integrity of response data. Rationale for non-applicability: The mobile operating system is responsible for name/address resolution services. If a mobile application were granted the OS privileges necessary to provide name services to other applications, this would enable the name service application to launch a number of IA attacks against other applications. |
| STIG | Date |
|---|---|
| Mobile Application Security Requirements Guide | 2013-01-04 |
Details
| Check Text ( C-43897r1_chk ) |
|---|
| This requirement is NA for the MAPP SRG. |
| Fix Text (F-40098r1_fix) |
|---|
| The requirement is NA. No fix is required. |