Applications must not share resources used to interface with systems operating at different security levels.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36377	SRG-APP-244-NA	SV-47781r1_rule		Medium

Description
The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the information system. Shared resources include, memory, input/output queues, and network interface cards. Rationale for non-applicability: Multi-level security is out of the scope of this SRG.

Description

The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the information system. Shared resources include, memory, input/output queues, and network interface cards. Rationale for non-applicability: Multi-level security is out of the scope of this SRG.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44619r1_chk )
This requirement is NA for the MDM server SRG.

Fix Text (F-40909r1_fix)
The requirement is NA. No fix is required.