AC-03(11) Restrict Access to Specific Information Types

Restrict access to data repositories containing ac-03.11_odp.

Parameter ID Definition
ac-03.11_odp information types



Restricting access to specific information is intended to provide flexibility regarding access control of specific information types within a system. For example, role-based access could be employed to allow access to only a specific type of personally identifiable information within a database rather than allowing access to the database in its entirety. Other examples include restricting access to cryptographic keys, authentication information, and selected system information.

Related controls 4