The network element must support and maintain the binding of organizationally defined security attributes to information in process.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000055-FW-NA	SRG-NET-000055-FW-NA	SRG-NET-000055-FW-NA_rule		Low

Description
This control requires the support and maintenance of organizationally defined attribute association (marking). These attributes are bound to the information in process on the components of the network element. The association of security attributes to data objects in process on the network element is referred to as binding. The security attributes should remain bound as the information is processed. Types of attributes include classification level. An example of an attribute value for this attribute type is Top Secret. Typically, the security attributes used for data stored on the network element is not granular. While the information is processed, the system will limit access based on account permissions. If the security attributes become disassociated from the information being stored, then access control policies and information flows which depend on these security attributes will not function and unauthorized access may result. Supporting and maintaining the binding of security attributes of information being processed by the firewall are not a function of the firewall application.

Description

This control requires the support and maintenance of organizationally defined attribute association (marking). These attributes are bound to the information in process on the components of the network element. The association of security attributes to data objects in process on the network element is referred to as binding. The security attributes should remain bound as the information is processed. Types of attributes include classification level. An example of an attribute value for this attribute type is Top Secret. Typically, the security attributes used for data stored on the network element is not granular. While the information is processed, the system will limit access based on account permissions. If the security attributes become disassociated from the information being stored, then access control policies and information flows which depend on these security attributes will not function and unauthorized access may result. Supporting and maintaining the binding of security attributes of information being processed by the firewall are not a function of the firewall application.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000055-FW-NA_chk )
This requirement is NA for firewall. No fix required.

Fix Text (F-SRG-NET-000055-FW-NA_fix)
This requirement is NA for firewall. No fix required.