NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-40(4)Signal Parameter Identification

Implement cryptographic mechanisms to prevent the identification of {{ insert: param, sc-40.04_odp }} by using the transmitter signal parameters.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

The implementation of cryptographic mechanisms to prevent the identification of wireless transmitters protects against the unique identification of wireless transmitters for the purposes of intelligence exploitation by ensuring that anti-fingerprinting alterations to signal parameters are not predictable by unauthorized individuals. It also provides anonymity when required. Radio fingerprinting techniques identify the unique signal parameters of transmitters to fingerprint such transmitters for purposes of tracking and mission or user identification.

Practitioner Notes

Identify and authenticate wireless signal parameters to verify that communications are coming from legitimate devices, not adversary equipment.

Example 1: Deploy wireless monitoring that fingerprints the unique radio characteristics (RF signatures) of your authorized access points. If a device transmits on your frequency with different RF characteristics, it is flagged as potentially rogue.

Example 2: Use your wireless controller's built-in rogue AP detection. Cisco WLC or Aruba controllers continuously scan for unauthorized access points by comparing detected BSSIDs against the authorized list. Unknown BSSIDs trigger automatic alerts and optional containment.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability