|AC-16 (1) Dynamic Attribute Association || |
Dynamic association of security attributes is appropriate whenever the security characteristics of information changes over time. Security attributes may change, for example, due to information aggregation issues (i.e., the security characteristics of individual information elements are different from the combined elements), changes in individual access authorizations (i.e., privileges), and changes in the security category of information.
The information system dynamically associates security attributes with Assignment: organization-defined subjects and objects in accordance with Assignment: organization-defined security policies as information is created and combined.
|AC-16 (2) Attribute Value Changes By Authorized Individuals || |
The content or assigned values of security attributes can directly affect the ability of individuals to access organizational information. Therefore, it is important for information systems to be able to limit the ability to create or modify security attributes to authorized individuals.
The information system provides authorized individuals (or processes acting on behalf of individuals) the capability to define or change the value of associated security attributes.
|AC-16 (3) Maintenance Of Attribute Associations By Information System || |
Maintaining the association and integrity of security attributes to subjects and objects with sufficient assurance helps to ensure that the attribute associations can be used as the basis of automated policy actions. Automated policy actions include, for example, access control decisions or information flow control decisions.
The information system maintains the association and integrity of Assignment: organization-defined security attributes to Assignment: organization-defined subjects and objects.
|AC-16 (4) Association Of Attributes By Authorized Individuals || |
The support provided by information systems can vary to include: (i) prompting users to select specific security attributes to be associated with specific information objects; (ii) employing automated mechanisms for categorizing information with appropriate attributes based on defined policies; or (iii) ensuring that the combination of selected security attributes selected is valid. Organizations consider the creation, deletion, or modification of security attributes when defining auditable events.
The information system supports the association of Assignment: organization-defined security attributes with Assignment: organization-defined subjects and objects by authorized individuals (or processes acting on behalf of individuals).
|AC-16 (5) Attribute Displays For Output Devices || |
Information system outputs include, for example, pages, screens, or equivalent. Information system output devices include, for example, printers and video displays on computer workstations, notebook computers, and personal digital assistants.
The information system displays security attributes in human-readable form on each object that the system transmits to output devices to identify Assignment: organization-identified special dissemination, handling, or distribution instructions using Assignment: organization-identified human-readable, standard naming conventions.
|AC-16 (6) Maintenance Of Attribute Association By Organization || |
This control enhancement requires individual users (as opposed to the information system) to maintain associations of security attributes with subjects and objects.
The organization allows personnel to associate, and maintain the association of Assignment: organization-defined security attributes with Assignment: organization-defined subjects and objects in accordance with Assignment: organization-defined security policies.
|AC-16 (7) Consistent Attribute Interpretation || |
In order to enforce security policies across multiple components in distributed information systems (e.g., distributed database management systems, cloud-based systems, and service-oriented architectures), organizations provide a consistent interpretation of security attributes that are used in access enforcement and flow enforcement decisions. Organizations establish agreements and processes to ensure that all distributed information system components implement security attributes with consistent interpretations in automated access/flow enforcement actions.
The organization provides a consistent interpretation of security attributes transmitted between distributed information system components.
|AC-16 (8) Association Techniques / Technologies || |
The association (i.e., binding) of security attributes to information within information systems is of significant importance with regard to conducting automated access enforcement and flow enforcement actions. The association of such security attributes can be accomplished with technologies/techniques providing different levels of assurance. For example, information systems can cryptographically bind security attributes to information using digital signatures with the supporting cryptographic keys protected by hardware devices (sometimes known as hardware roots of trust).
The information system implements Assignment: organization-defined techniques or technologies with Assignment: organization-defined level of assurance in associating security attributes to information.
|AC-16 (9) Attribute Reassignment || |
Validated re-grading mechanisms are employed by organizations to provide the requisite levels of assurance for security attribute reassignment activities. The validation is facilitated by ensuring that re-grading mechanisms are single purpose and of limited function. Since security attribute reassignments can affect security policy enforcement actions (e.g., access/flow enforcement decisions), using trustworthy re-grading mechanisms is necessary to ensure that such mechanisms perform in a consistent/correct mode of operation.
The organization ensures that security attributes associated with information are reassigned only via re-grading mechanisms validated using Assignment: organization-defined techniques or procedures.
|AC-16 (10) Attribute Configuration By Authorized Individuals || |
The content or assigned values of security attributes can directly affect the ability of individuals to access organizational information. Therefore, it is important for information systems to be able to limit the ability to create or modify security attributes to authorized individuals only.
The information system provides authorized individuals the capability to define or change the type and value of security attributes available for association with subjects and objects.