AC-4(23): Modify Non-releasable Information

Control Family:

Access Control

Parent Control:

AC-4: Information Flow Enforcement

CSF v1.1 References:

ID.AM-3
PR.AC-5
PR.DS-5
DE.AE-1

Threats Addressed:

Information Disclosure

Baselines:

(Not part of any baseline)

Control is new to this version of the control set.

Control Statement

When transferring information between different security domains, modify non-releasable information by implementing [Assignment: organization-defined modification action].

Supplemental Guidance

Modifying non-releasable information can help prevent a data spill or attack when information is transferred across security domains. Modification actions include masking, permutation, alteration, removal, or redaction.