Access Control (AC)
When transferring information between different security domains, implement [Assignment: organization-defined security or privacy policy filters] on metadata.
Access Control (AC)
Employ [Assignment: organization-defined solutions in approved configurations] to control the flow of [Assignment: organization-defined information] across security domains.
Access Control (AC)
Separate information flows logically or physically using [Assignment: organization-defined mechanisms and/or techniques] to accomplish [Assignment: organization-defined required separations by types of information].
Access Control (AC)
Provide access from a single device to computing platforms, applications, or data residing in multiple different security domains, while preventing information flow between the different security domains.
Access Control (AC)
When transferring information between different security domains, modify non-releasable information by implementing [Assignment: organization-defined modification action].
Access Control (AC)
When transferring information between different security domains, parse incoming data into an internal normalized format and regenerate the data to be consistent with its intended specification.
Access Control (AC)
When transferring information between different security domains, sanitize data to minimize [Selection (one or more): delivery of malicious content, command and control of malicious code, malicious code augmentation, and steganography encoded data; spillage of sensitive information] in accordance with [Assignment: organization-defined policy]].
Access Control (AC)
When transferring information between different security domains, record and audit content filtering actions and results for the information being filtered.
Access Control (AC)
When transferring information between different security domains, implement content filtering solutions that provide redundant and independent filtering mechanisms for each data type.
Access Control (AC)
When transferring information between different security domains, implement a linear content filter pipeline that is enforced with discretionary and mandatory access controls.
