The information system, when transferring information between different security domains, decomposes information into [organization-defined policy-relevant subcomponents] for submission to policy enforcement mechanisms.
Supplemental
Policy enforcement mechanisms apply filtering, inspection, and/or sanitization rules to the policy-relevant subcomponents of information to facilitate flow enforcement prior to transferring such information to different security domains. Parsing transfer files facilitates policy decisions on source, destination, certificates, classification, attachments, and other security-related component differentiators.