STIGhub
STIGs
RMF Controls
Compare
← All Controls
AC-3 (3)
Access Control
Rev 3
Access Enforcement
CCI Identifiers (15)
CCI-000022
The information system enforces one or more organization-defined nondiscretionary access control policies over an organization-defined set of users and resources.
CCI-001409
The organization defines nondiscretionary access control policies to be enforced over the organization-defined set of users and resources, where the rule set for each policy specifies access control information employed by the policy rule set (e.g., position, nationality, age, project, time of day) and required relationships among the access control information to permit access.
CCI-001410
The organization defines the set of users and resources over which the information system is to enforce nondiscretionary access control policies.
CCI-002153
Defines the mandatory access control policies that are to be enforced over all subjects and objects.
CCI-002154
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy is uniformly enforced across the covered subjects and objects within the system.
CCI-002155
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information is constrained from passing the information to unauthorized subjects or objects.
CCI-002156
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information is constrained from granting its privileges to other subjects.
CCI-002157
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information is constrained from changing one or more security attributes on subjects, objects, the system, or system components.
CCI-002158
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information is constrained from choosing the security attributes to be associated with newly created or modified objects.
CCI-002159
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information is constrained from choosing the attribute values to be associated with newly created or modified objects.
CCI-002160
Enforce organization-defined mandatory access control policy over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information is constrained from changing the rules governing access control.
CCI-002161
Defines subjects which may explicitly be granted organization-defined privileges such that they are not limited by any of the mandatory access control constraints.
CCI-002162
Defines the privileges that may explicitly be granted to organization-defined subjects such that they are not limited by any of the mandatory access control constraints.
CCI-003014
Enforce organization-defined mandatory access control policies over all subjects and objects.
CCI-003015
Specifies that organization-defined subjects may explicitly be granted organization-defined privileges such that they are not limited by any defined subset (or all) of the above constraints.
Linked STIG Checks (3)
Across 3 STIGs. Click to expand.
▶
HP FlexFabric Switch NDM Security Technical Implementation Guide
1 check
▶
IBM zVM Using CA VM:Secure Security Technical Implementation Guide
1 check
▶
Network Device Management Security Requirements Guide
1 check