Skip to main content

💼 AC-4 INFORMATION FLOW ENFORCEMENT

  • Contextual name: 💼 AC-4 INFORMATION FLOW ENFORCEMENT
  • ID: /frameworks/nist-sp-800-53-r4/ac/04
  • Located in: 💼 AC ACCESS CONTROL

Description​

The information system enforces approved authorizations for controlling the flow of information within the system and between interconnected systems based on [Assignment: organization-defined information flow control policies].

Similar​

  • Internal
    • ID: dec-c-7e6eca71

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST CSF v1.1 → 💼 DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed1014
💼 NIST CSF v1.1 → 💼 ID.AM-3: Organizational communication and data flows are mapped47
💼 NIST CSF v1.1 → 💼 PR.AC-5: Network integrity is protected (e.g., network segregation, network segmentation)1022
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented4766
💼 NIST CSF v1.1 → 💼 PR.PT-4: Communications and control networks are protected1022

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
💼 AC-4 (1) OBJECT SECURITY ATTRIBUTES
💼 AC-4 (2) PROCESSING DOMAINS
💼 AC-4 (3) DYNAMIC INFORMATION FLOW CONTROL
💼 AC-4 (4) CONTENT CHECK ENCRYPTED INFORMATION
💼 AC-4 (5) EMBEDDED DATA TYPES11
💼 AC-4 (6) METADATA
💼 AC-4 (7) ONE-WAY FLOW MECHANISMS
💼 AC-4 (8) SECURITY POLICY FILTERS
💼 AC-4 (9) HUMAN REVIEWS
💼 AC-4 (10) ENABLE _ DISABLE SECURITY POLICY FILTERS
💼 AC-4 (11) CONFIGURATION OF SECURITY POLICY FILTERS
💼 AC-4 (12) DATA TYPE IDENTIFIERS
💼 AC-4 (13) DECOMPOSITION INTO POLICY-RELEVANT SUBCOMPONENTS
💼 AC-4 (14) SECURITY POLICY FILTER CONSTRAINTS
💼 AC-4 (15) DETECTION OF UNSANCTIONED INFORMATION
💼 AC-4 (16) INFORMATION TRANSFERS ON INTERCONNECTED SYSTEMS
💼 AC-4 (17) DOMAIN AUTHENTICATION
💼 AC-4 (18) SECURITY ATTRIBUTE BINDING
💼 AC-4 (19) VALIDATION OF METADATA
💼 AC-4 (20) APPROVED SOLUTIONS
💼 AC-4 (21) PHYSICAL _ LOGICAL SEPARATION OF INFORMATION FLOWS
💼 AC-4 (22) ACCESS ONLY