SID-AUTH-04 — WebSocket JWT Handshake Authentication
| Property | Value |
|---|---|
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Authentication Controls |
Description
WebSocket connections are authenticated via a JWT carried in the initial handshake message. The UserID and TenantID are extracted from the token claims and bound to the session. A 64KB read limit is enforced to prevent message-size DoS.
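The handshake check described above, sketched as an added example (not the platform's own code). It assumes an HS256 token sent as the `token` field of a JSON first message, with the claim names `sub`, `tenant_id` and `exp`; those names, `DEMO_KEY` and every function name are hypothetical.

```python
import base64, hashlib, hmac, json, time

READ_LIMIT = 64 * 1024  # 64KB read limit from the control description
DEMO_KEY = b"constructed-demo-key"  # constructed sample key, not a real secret

class HandshakeError(Exception):
    """Raised when the first message must not open a session."""

def _b64url(data: bytes) -> bytes:
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def _unb64url(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def make_token(claims: dict, key: bytes) -> str:
    """Build an HS256 JWT, used only to construct sample input."""
    head = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = _b64url(hmac.new(key, head + b"." + body, hashlib.sha256).digest())
    return b".".join((head, body, sig)).decode()

def authenticate_handshake(first_message: bytes, key: bytes, now=None) -> dict:
    """Return the session binding for a valid handshake, else raise."""
    if len(first_message) > READ_LIMIT:
        raise HandshakeError("message exceeds read limit")
    try:
        token = json.loads(first_message)["token"]
        head_s, body_s, sig_s = token.split(".")
        header = json.loads(_unb64url(head_s))
        claims = json.loads(_unb64url(body_s))
        sig = _unb64url(sig_s)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and claims must be JSON objects")
    except (ValueError, KeyError, TypeError, AttributeError):
        raise HandshakeError("malformed handshake") from None
    # Pin the algorithm: the token header never chooses it (rejects alg=none).
    if header.get("alg") != "HS256":
        raise HandshakeError("unexpected alg")
    expected = hmac.new(key, f"{head_s}.{body_s}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise HandshakeError("bad signature")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        raise HandshakeError("expired or missing exp")
    user, tenant = claims.get("sub"), claims.get("tenant_id")
    if not (isinstance(user, str) and user and isinstance(tenant, str) and tenant):
        raise HandshakeError("missing identity claims")
    # Bound once at handshake; later messages cannot change these values.
    return {"user_id": user, "tenant_id": tenant}
```

In a real server the read limit is set on the connection itself so an oversized frame is rejected before it is buffered; the length check here stands in for that.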
Components
Source References
Framework Requirements
EUDI Security Requirements: WIN-8.4.1-Sec-06
FitCEM Wallet Instance: FIT-AU-19
ISO 27001 Annex A: A.8.5
OWASP ASVS 4.0.3 Level 3: V1.2
STRIDE Threat Model: VC-S-1