CCI-002205

Uniquely identify and authenticate source by organization, system, application, service, and/or individual for information transfer.

Implementation Guidance

Determine if source and destination points are uniquely identified and authenticated by [AC-04(17)_ODP; one or more of the following PARAMETER VALUES is/are selected: {organization, system, application, service, individual}] for information transfer.

Validation Procedures

Examine: [SELECT FROM: Access control policy; information flow control policies; procedures addressing information flow enforcement; procedures addressing source and destination domain identification and authentication; system design documentation; system configuration settings and associated documentation; system audit records; list of system labels; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security and privacy responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement policy].

The controls below (if any) were marked by NIST as being related to CCI-002205.