Applications must meet organizational requirements to implement security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32542	SRG-APP-000238-DB-NA	SV-42879r1_rule		Medium

Description
The information system isolates security functions from non-security functions by means of an isolation boundary (implemented via partitions and domains) controlling access to and protecting the integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process. This requirement is specific to applications maintaining isolation boundaries on hardware or networks. This is NA for databases.

Description

The information system isolates security functions from non-security functions by means of an isolation boundary (implemented via partitions and domains) controlling access to and protecting the integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process. This requirement is specific to applications maintaining isolation boundaries on hardware or networks. This is NA for databases.

STIG	Date
Database Security Requirements Guide	2012-07-02

Details

Check Text ( C-40980r1_chk )
This check is NA for databases.

Fix Text (F-36456r1_fix)
This fix is NA for databases.