UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The application must employ automated mechanisms enabling authorized users to make information sharing decisions based on access authorizations of sharing partners and access restrictions on information to be shared.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32202 SRG-APP-000032-DB-NA SV-42519r1_rule Medium
Description
User based collaboration and information sharing applications present challenges regarding classification and dissemination of information generated and shared among the application users. These types of applications are intended to share information created and stored within the application; however, not all users have a need to view all data created or stored within the collaboration tool. Collaboration tools and all applications handling information that may be restricted in some manner (e.g., privileged medical, contract-sensitive, proprietary, personally identifiable information, special access programs/compartments) must provide the capability to automatically enable authorized users to make information sharing decisions based upon access authorizations. Depending on the information-sharing circumstance, the sharing partner may be defined at the individual, group, or organization level and information may be defined by specific content, type, or security categorization. This requirement is specific to collaboration software. This requirement is NA for databases.
STIG Date
Database Security Requirements Guide 2012-07-02

Details

Check Text ( C-40707r1_chk )
This check is NA for databases.
Fix Text (F-36126r1_fix)
This fix is NA for databases.