Skip to main content

💼 AC-4 INFORMATION FLOW ENFORCEMENT

  • ID: /frameworks/nist-sp-800-53-r4/ac/04

Description​

The information system enforces approved authorizations for controlling the flow of information within the system and between interconnected systems based on [Assignment: organization-defined information flow control policies].

Similar​

  • Internal
    • ID: dec-c-7e6eca71

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST CSF v1.1 → 💼 DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed1014no data
💼 NIST CSF v1.1 → 💼 ID.AM-3: Organizational communication and data flows are mapped47no data
💼 NIST CSF v1.1 → 💼 PR.AC-5: Network integrity is protected (e.g., network segregation, network segmentation)1022no data
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented4766no data
💼 NIST CSF v1.1 → 💼 PR.PT-4: Communications and control networks are protected1022no data

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AC-4 (1) OBJECT SECURITY ATTRIBUTESno data
💼 AC-4 (2) PROCESSING DOMAINSno data
💼 AC-4 (3) DYNAMIC INFORMATION FLOW CONTROLno data
💼 AC-4 (4) CONTENT CHECK ENCRYPTED INFORMATIONno data
💼 AC-4 (5) EMBEDDED DATA TYPES11no data
💼 AC-4 (6) METADATAno data
💼 AC-4 (7) ONE-WAY FLOW MECHANISMSno data
💼 AC-4 (8) SECURITY POLICY FILTERSno data
💼 AC-4 (9) HUMAN REVIEWSno data
💼 AC-4 (10) ENABLE _ DISABLE SECURITY POLICY FILTERSno data
💼 AC-4 (11) CONFIGURATION OF SECURITY POLICY FILTERSno data
💼 AC-4 (12) DATA TYPE IDENTIFIERSno data
💼 AC-4 (13) DECOMPOSITION INTO POLICY-RELEVANT SUBCOMPONENTSno data
💼 AC-4 (14) SECURITY POLICY FILTER CONSTRAINTSno data
💼 AC-4 (15) DETECTION OF UNSANCTIONED INFORMATIONno data
💼 AC-4 (16) INFORMATION TRANSFERS ON INTERCONNECTED SYSTEMSno data
💼 AC-4 (17) DOMAIN AUTHENTICATIONno data
💼 AC-4 (18) SECURITY ATTRIBUTE BINDINGno data
💼 AC-4 (19) VALIDATION OF METADATAno data
💼 AC-4 (20) APPROVED SOLUTIONSno data
💼 AC-4 (21) PHYSICAL _ LOGICAL SEPARATION OF INFORMATION FLOWSno data
💼 AC-4 (22) ACCESS ONLYno data