SA-8(18): Trusted Communications Channels
Control Family:
Parent Control:
Baselines:
(Not part of any baseline)
Control is new to this version of the control set.
Control Statement
Implement the security design principle of trusted communications channels in [Assignment: organization-defined systems or system components].
Supplemental Guidance
The principle of trusted communication channels states that when composing a system where there is a potential threat to communications between components (i.e., the interconnections between components), each communication channel is trustworthy to a level commensurate with the security dependencies it supports (i.e., how much it is trusted by other components to perform its security functions). Trusted communication channels are achieved by a combination of restricting access to the communication channel (to ensure an acceptable match in the trustworthiness of the endpoints involved in the communication) and employing end-to-end protections for the data transmitted over the communication channel (to protect against interception and modification and to further increase the assurance of proper end-to-end communication).