AC-16(1): Dynamic Attribute Association

Control Family:

Access Control

CSF v1.1 References:

Baselines:

(Not part of any baseline)

Next Version:

Control Statement

The information system dynamically associates security attributes with [Assignment: organization-defined subjects and objects] in accordance with [Assignment: organization-defined security policies] as information is created and combined.

Supplemental Guidance

Dynamic association of security attributes is appropriate whenever the security characteristics of information changes over time. Security attributes may change, for example, due to information aggregation issues (i.e., the security characteristics of individual information elements are different from the combined elements), changes in individual access authorizations (i.e., privileges), and changes in the security category of information.