The application server must implement security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35643	SRG-APP-000238-AS-NA	SV-46930r1_rule		Medium

Description
The AS must isolate security functions from non-security functions by means of an isolation boundary (implemented via partitions and domains) controlling access to, and protecting the integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process. Separation and isolation is met through application virtualization. This requirement will apply to applications residing on top of the AS, but not to the AS itself. Requirement is NA.

Description

The AS must isolate security functions from non-security functions by means of an isolation boundary (implemented via partitions and domains) controlling access to, and protecting the integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process. Separation and isolation is met through application virtualization. This requirement will apply to applications residing on top of the AS, but not to the AS itself. Requirement is NA.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-43985r1_chk )
This requirement is NA for the AS SRG.

Fix Text (F-40185r1_fix)
The requirement is NA. No fix is required.