The network device must support and maintain the binding of organizationally defined security attributes to information in storage.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000054-NDM-000037	SRG-NET-000054-NDM-000037	SRG-NET-000054-NDM-000037_rule		Low

Description
This control requires the support and maintenance of organizationally defined attribute association (marking). These attributes are bound to the files and data stored on the components of the network device. The association of security attributes to data objects stored on the network device is referred to as binding. Binding typically includes setting the attribute value and the attribute type for the stored objects. Once bound to the data, these security attributes may be used in various applications within the network device to enable access control, flow control, information handling, and other information security policies. Types of attributes include classification level. An example of a value for this attribute type is Top Secret. Typically, the security attributes used for data stored on the network device is not granular. While the data is in storage, the system will limit access based on account permissions. If the security attributes become disassociated from the information being stored, then access control policies and information flows which depend on these security attributes will not function and unauthorized access may result.

Description

This control requires the support and maintenance of organizationally defined attribute association (marking). These attributes are bound to the files and data stored on the components of the network device. The association of security attributes to data objects stored on the network device is referred to as binding. Binding typically includes setting the attribute value and the attribute type for the stored objects. Once bound to the data, these security attributes may be used in various applications within the network device to enable access control, flow control, information handling, and other information security policies. Types of attributes include classification level. An example of a value for this attribute type is Top Secret. Typically, the security attributes used for data stored on the network device is not granular. While the data is in storage, the system will limit access based on account permissions. If the security attributes become disassociated from the information being stored, then access control policies and information flows which depend on these security attributes will not function and unauthorized access may result.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000054-NDM-000037_chk )
Verify the network device supports and maintains the binding of organizationally defined security attributes to information in storage. If the network device does not support the binding of security attributes to information in storage, this is a finding.

Fix Text (F-SRG-NET-000054-NDM-000037_fix)
Configure the network device to support and maintain the binding of organizationally defined security attributes to information in storage.