Navigate

AC-16 (8)

AC-16 (8): Association Techniques / Technologies

The information system implements [Assignment: organization-defined techniques or technologies] with [Assignment: organization-defined level of assurance] in associating security attributes to information.

Supplemental

The association (i.e., binding) of security attributes to information within information systems is of significant importance with regard to conducting automated access enforcement and flow enforcement actions. The association of such security attributes can be accomplished with technologies/techniques providing different levels of assurance. For example, information systems can cryptographically bind security attributes to information using digital signatures with the supporting cryptographic keys protected by hardware devices (sometimes known as hardware roots of trust).

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
Cross Domain (Access), Cross Domain (Multilevel), Cross Domain (Transfer)

Related Controls

The controls below (if any) were marked by NIST as being related to AC-16 (8).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AC-16 (8).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-16 (8).

CCI	Definition
CCI-002300	The organization defines the techniques or technologies to be implemented when associating security attributes with information.
CCI-002301	The organization defines the level of assurance to be provided when implementing organization-defined techniques or technologies in associating security attributes to information.
CCI-002302	The information system implements organization-defined techniques or technologies with an organization-defined level of assurance in associating security attributes to information.