AC-16(7): Consistent Attribute Interpretation

Control Family:

Access Control

Parent Control:

AC-16: Security Attributes

Priority:

P0: Security control not selected in any baseline.

CSF v1.1 References:

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-16(7): Consistent Attribute Interpretation

Control Statement

The organization provides a consistent interpretation of security attributes transmitted between distributed information system components.

Supplemental Guidance

In order to enforce security policies across multiple components in distributed information systems (e.g., distributed database management systems, cloud-based systems, and service-oriented architectures), organizations provide a consistent interpretation of security attributes that are used in access enforcement and flow enforcement decisions. Organizations establish agreements and processes to ensure that all distributed information system components implement security attributes with consistent interpretations in automated access/flow enforcement actions.