This control addresses the binding of organizationally defined attribute association (marking). These attributes are bound to the files and data stored, processed, or transmitted by the components of the network element. The association of security attributes to data objects stored on the network element is referred to as binding.
These attributes are typically associated with internal data structures (e.g., records, buffers, files) within the network element and are used to enable the implementation of automated policy actions. Automated policy actions include access control and flow control policies; reflect special dissemination, handling or distribution instructions; or support other aspects of the information security policy. Types of attributes include classification level. An example of a value for this attribute type is Top Secret.
If the attribute to information binding does not have a high assurance, then information security policies based on these attributes may allow unauthorized subjects or entities to gain access to the information or network.
Maintaining the binding of security attributes is not a function of the firewall application. |