home || catalog: SP800-53rev3 / class: Technical / family: (SC) System and Communications Protection ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC

SC-01
SC-02
SC-03
SC-04 *
SC-05
SC-06
SC-07
SC-08
SC-09
SC-10
SC-11
SC-12
SC-13
SC-14
SC-15
SC-16
SC-17
SC-18
SC-19
SC-20
SC-21
SC-22
SC-23
SC-24
SC-25
SC-26
SC-27
SC-28
SC-29
SC-30
SC-31
SC-32
SC-33

SI
MMMMM

  SC-04: Information in Shared Resources  

base control objective:
The information system prevents unauthorized and unintended information transfer via shared system resources.

supplemental objective information:
The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after that resource has been released back to the information system. Control of information in shared resources is also referred to as object reuse. This control does not address: (i) information remanence which refers to residual representation of data that has been in some way nominally erased or removed; (ii) covert channels where shared resources are manipulated to achieve a violation of information flow restrictions; or (iii) components in the information system for which there is only a single user/role.

enhancements to the base objective:

(1) The information system does not share resources that are used to interface with systems operating at different security levels.
Enhancement Supplemental Guidance: Shared resources include, for example, memory, input/output queues, and network interface cards.

mapping to FIPS199 baseline:

  LOW: null     MOD: base     HIGH: base  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for SC-04:

None.

Document Date Status Title

Search SP800-53rev3 catalog: