Title

Applications must not share resources used to interface with systems operating at different security levels. (Cat II impact)

Discussion

The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the information system. Shared resources include memory, input/output queues, and network interface cards. Rationale for non-applicability: Mobile applications that interface with system operating at different security levels are outside the scope of the MAPP SRG.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-46931r1_rule

Vulnerability ID: V-35644

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.