AC-16(03) Maintenance of Attribute Associations by System

Maintain the association and integrity of ac-16.3_prm_1 to ac-16.3_prm_2.

Parameter ID Definition
ac-16.3_prm_1 organization-defined security and privacy attributes
ac-16.3_prm_2 organization-defined subjects and objects
ac-16.03_odp.01 security attributes
ac-16.03_odp.02 privacy attributes
ac-16.03_odp.03 subjects
ac-16.03_odp.04 objects
ac-16.03_odp.05 subjects
ac-16.03_odp.06 objects

Baselines

Guidance

Maintaining the association and integrity of security and privacy attributes to subjects and objects with sufficient assurance helps to ensure that the attribute associations can be used as the basis of automated policy actions. The integrity of specific items, such as security configuration files, may be maintained through the use of an integrity monitoring mechanism that detects anomalies and changes that deviate from "known good" baselines. Automated policy actions include retention date expirations, access control decisions, information flow control decisions, and information disclosure decisions.