>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-4(2)Information Flow Enforcement

Technical

>Control Description

INFORMATION FLOW ENFORCEMENT | PROCESSING DOMAINS The information system uses protected processing domains to enforce organization-defined information flow control policies as a basis for flow control decisions.

>Supplemental Guidance

Within information systems, protected processing domains are processing spaces that have controlled interactions with other processing spaces, thus enabling control of information flows between these spaces and to/from data/information objects. A protected processing domain can be provided, for example, by implementing domain and type enforcement. In domain and type enforcement, information system processes are assigned to domains; information is identified by types; and information flows are controlled based on allowed information accesses (determined by domain and type), allowed signalling among domains, and allowed process transitions to other domains.

>Tailoring Guidance

This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis.

Ask AI

Configure your API key to use AI features.