Authentication mechanisms may be required within a cryptographic module to authenticate an operator accessing the module and to verify that the operator is authorized to assume the requested role and perform services within that role.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| IA-7 | Cryptographic Module Authentication | Protects | T1195.003 | Compromise Hardware Supply Chain |
| IA-7 | Cryptographic Module Authentication | Protects | T1495 | Firmware Corruption |
| IA-7 | Cryptographic Module Authentication | Protects | T1542 | Pre-OS Boot |
| IA-7 | Cryptographic Module Authentication | Protects | T1542.001 | System Firmware |
| IA-7 | Cryptographic Module Authentication | Protects | T1542.003 | Bootkit |
| IA-7 | Cryptographic Module Authentication | Protects | T1542.004 | ROMMONkit |
| IA-7 | Cryptographic Module Authentication | Protects | T1542.005 | TFTP Boot |
| IA-7 | Cryptographic Module Authentication | Protects | T1601 | Modify System Image |
| IA-7 | Cryptographic Module Authentication | Protects | T1601.001 | Patch System Image |
| IA-7 | Cryptographic Module Authentication | Protects | T1601.002 | Downgrade System Image |