NIST 800-53 IA-9 Mappings

Services that may require identification and authentication include web applications using digital certificates or services or applications that query a database. Identification and authentication methods for system services and applications include information or code signing, provenance graphs, and electronic signatures that indicate the sources of services. Decisions regarding the validity of identification and authentication claims can be made by services separate from the services acting on those decisions. This can occur in distributed system architectures. In such situations, the identification and authentication decisions (instead of actual identifiers and authentication data) are provided to the services that need to act on those decisions.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
IA-9 Service Identification and Authentication Protects T1036 Masquerading
IA-9 Service Identification and Authentication Protects T1036.001 Invalid Code Signature
IA-9 Service Identification and Authentication Protects T1036.005 Match Legitimate Name or Location
IA-9 Service Identification and Authentication Protects T1059 Command and Scripting Interpreter
IA-9 Service Identification and Authentication Protects T1059.001 PowerShell
IA-9 Service Identification and Authentication Protects T1059.002 AppleScript
IA-9 Service Identification and Authentication Protects T1505 Server Software Component
IA-9 Service Identification and Authentication Protects T1505.001 SQL Stored Procedures
IA-9 Service Identification and Authentication Protects T1505.002 Transport Agent
IA-9 Service Identification and Authentication Protects T1525 Implant Internal Image
IA-9 Service Identification and Authentication Protects T1546 Event Triggered Execution
IA-9 Service Identification and Authentication Protects T1546.006 LC_LOAD_DYLIB Addition
IA-9 Service Identification and Authentication Protects T1546.013 PowerShell Profile
IA-9 Service Identification and Authentication Protects T1553 Subvert Trust Controls
IA-9 Service Identification and Authentication Protects T1553.004 Install Root Certificate
IA-9 Service Identification and Authentication Protects T1554 Compromise Client Software Binary
IA-9 Service Identification and Authentication Protects T1566 Phishing
IA-9 Service Identification and Authentication Protects T1566.001 Spearphishing Attachment
IA-9 Service Identification and Authentication Protects T1566.002 Spearphishing Link
IA-9 Service Identification and Authentication Protects T1598 Phishing for Information
IA-9 Service Identification and Authentication Protects T1598.002 Spearphishing Attachment
IA-9 Service Identification and Authentication Protects T1598.003 Spearphishing Link