>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-4(19)Information Flow Enforcement

Technical

>Control Description

INFORMATION FLOW ENFORCEMENT | VALIDATION OF METADATA The information system, when transferring information between different security domains, applies the same security policy filtering to metadata as it applies to data payloads.

>Supplemental Guidance

This control enhancement requires the validation of metadata and the data to which the metadata applies. Some organizations distinguish between metadata and data payloads (i.e., only the data to which the metadata is bound). Other organizations do not make such distinctions, considering metadata and the data to which the metadata applies as part of the payload.

All information (including metadata and the data to which the metadata applies) is subject to filtering and inspection.

>Tailoring Guidance

This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis.

Ask AI

Configure your API key to use AI features.