SC-49 Hardware-enforced Separation and Policy Enforcement
Implement hardware-enforced separation and policy enforcement mechanisms between sc-49_odp.
| Parameter ID | Definition |
|---|---|
| sc-49_odp | security domains |
Baselines
- L
- M
- H
- P
Guidance
System owners may require additional strength of mechanism and robustness to ensure domain separation and policy enforcement for specific types of threats and environments of operation. Hardware-enforced separation and policy enforcement provide greater strength of mechanism than software-enforced separation and policy enforcement.
References 1
- SP 800-160-1 Ross RS, Oren JC, McEvilley M (2016) Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-160, Vol. 1, Includes updates as of March 21, 2018.
Related controls 3
- AC-04 Information Flow Enforcement L M H P
- SA-08 Security and Privacy Engineering Principles L M H P
- SC-50 Software-enforced Separation and Policy Enforcement L M H P