AC-16(7): Consistent Attribute Interpretation

Control Family:

Access Control

CSF v1.1 References:


(Not part of any baseline)

Next Version:

Control Statement

The organization provides a consistent interpretation of security attributes transmitted between distributed information system components.

Supplemental Guidance

In order to enforce security policies across multiple components in distributed information systems (e.g., distributed database management systems, cloud-based systems, and service-oriented architectures), organizations provide a consistent interpretation of security attributes that are used in access enforcement and flow enforcement decisions. Organizations establish agreements and processes to ensure that all distributed information system components implement security attributes with consistent interpretations in automated access/flow enforcement actions.