CCI-002357

CCI-002357 Definition

Implement a reference monitor for organization-defined access control policies that is tamperproof.

Status
Type	CheckType.technical

The controls below (if any) were marked by NIST as being related to CCI-002357.

Control	Description
AC-25	The information system implements a reference monitor for [one of ] that is tamperproof, always invoked, and small enough to be subject to analysis and testing, the completeness of which can be assured.