
The application server, when transferring information between different security domains, must decompose information into policy-relevant subcomponents for submission to policy enforcement mechanisms.


Overview

Finding ID: V-35529
Version: SRG-APP-000044-AS-NA
Rule ID: SV-46816r1_rule
IA Controls:
Severity: Medium
Description
Specific examples of flow control enforcement can be found in boundary protection devices (e.g., proxies, gateways, guards, encrypted tunnels, firewalls, and routers) employing rule sets or establishing configuration settings restricting information system services, or providing a packet-filtering capability based on header information or message-filtering capability based on content (e.g., using key word searches or document characteristics). Policy rules for cross domain transfers include limitations on embedding components/information types within other components/information types, prohibiting more than two levels of embedding, and prohibiting the transfer of archived information types. Information flow control only applies to a CDS. An AS is not a CDS.
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text (C-43869r1_chk)
This requirement is NA for the AS SRG.
Fix Text (F-40070r1_fix)
This requirement is NA. No fix is required.