An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
73/172
)
CCIs
Number
Definition
Status
Related
CCI-002191
Defines the information flow control policies to be enforced by the information system using protected processing domains.
Draft
AC-4(2)
CCI-002192
Defines the policies to enforce dynamic information flow control.
Draft
AC-4(3)
CCI-002193
Defines procedures or methods to be employed to prevent encrypted information from bypassing flow control mechanisms, such as decrypting the information, blocking the flow of the encrypted information, and/or terminating communications sessions attempting to pass encrypted information.
Draft
AC-4(4)
CCI-002194
Defines the metadata the information system uses to enforce information flow control.
Draft
AC-4(6)
CCI-002195
Defines the information flows against which the organization-defined security or privacy policy filters are to be enforced.
Draft
AC-4(8)
CCI-002196
Defines the information flows for which will enforce the use of human reviews under organization-defined conditions.
Draft
AC-4(9)
CCI-002197
Defines the conditions which will require the use of human reviews of organization-defined information flows.
Draft
AC-4(9)
CCI-002198
Enforce the use of human reviews for organization-defined information flows under organization-defined conditions.
Draft
AC-4(9)
CCI-002199
Defines the conditions that provides the capability for privileged administrators to enable and disable organization-defined security policy filters.
Draft
AC-4(10)
CCI-002200
Defines the data type identifiers to be used to validate data being transferred between different security domains.
Draft
AC-4(12)
CCI-002201
When transferring information between different security domains, use organization-defined data type identifiers to validate data essential for information flow decisions.
Draft
AC-4(12)
CCI-002202
Defines the policy-relevant subcomponents into which information being transferred between different security domains is to be decomposed for submission to policy enforcement mechanisms.
Draft
AC-4(13)
CCI-002203
Defines the unsanctioned information when transferring information between different security domains.
Draft
AC-4(15)
CCI-002204
Defines the security or privacy policy which prohibits the transfer of unsanctioned information between different security domains.
Draft
AC-4(15)
CCI-002205
Uniquely identify and authenticate source by organization, system, application, service, and/or individual for information transfer.
Draft
AC-4(17)
CCI-002206
The information system uniquely authenticates source by organization, system, application, and/or individual for information transfer.
Deprecated
AC-4(17)
CCI-002207
Uniquely identify and authenticate destination points by organization, system, application, service, and/or individual for information transfer.
Draft
AC-4(17)
CCI-002208
The information system uniquely authenticates destination by organization, system, application, and/or individual for information transfer.
Deprecated
AC-4(17)
CCI-002209
The organization defines the techniques to be used to bind security attributes to information.
Draft
AC-4(18)
CCI-002210
The information system binds security attributes to information using organization-defined binding techniques to facilitate information flow policy enforcement.
Draft
AC-4(18)
CCI-002211
When transferring information between different security domains, implement organization-defined security or privacy filters on metadata.
Draft
AC-4(19)
CCI-002212
Defines the solutions in approved configurations to be employed to control the flow of organization-defined information across security domains.
Draft
AC-4(20)
CCI-002213
Defines the information to be subjected to flow control across security domains.
Draft
AC-4(20)
CCI-002214
Employ organization-defined solutions in approved configurations to control the flow of organization-defined information across security domains.
Draft
AC-4(20)
CCI-002215
Defines the mechanisms and/or techniques to be used to logically or physically separate information flows.
Draft
AC-4(21)
CCI-002216
Defines the types of information required to accomplish logical or physical separation of information flows.
Draft
AC-4(21)
CCI-002217
Separate information flows logically or physically using organization-defined mechanisms and/or techniques to accomplish organization-defined required separations by types of information.
Draft
AC-4(21)
CCI-002218
Provide access from a single device to computing platforms, applications, or data residing on multiple different security domains, while preventing any information flow between the different security domains.
Draft
AC-4(22)
CCI-002219
Defines the duties of individuals requiring separation.
Draft
AC-5
CCI-002220
Define system access authorizations to support separation of duties.
Draft
AC-5
Prev
1...
69
70
71
72
73
74
75
76
77
...172
Next