The operating system must not share resources used to interface with systems operating at different security levels.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33120	SRG-OS-000139-NA	SV-43518r1_rule		Medium

Description
The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) obtaining access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the operating system. Shared resources include memory, input/output queues, and network interface cards. Rationale for non-applicability: For the purposes of this SRG, a mobile OS is assumed to support a single security domain. There is no interface to systems at a different security level.

Description

The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) obtaining access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the operating system. Shared resources include memory, input/output queues, and network interface cards. Rationale for non-applicability: For the purposes of this SRG, a mobile OS is assumed to support a single security domain. There is no interface to systems at a different security level.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41379r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-37020r1_fix)
The requirement is NA. No fix is required.