home || catalog: SP800-53rev3 / class: Technical / family: (SC) System and Communications Protection ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC

SC-01
SC-02
SC-03
SC-04
SC-05
SC-06
SC-07
SC-08 *
SC-09
SC-10
SC-11
SC-12
SC-13
SC-14
SC-15
SC-16
SC-17
SC-18
SC-19
SC-20
SC-21
SC-22
SC-23
SC-24
SC-25
SC-26
SC-27
SC-28
SC-29
SC-30
SC-31
SC-32
SC-33

SI
MMMMM

  SC-08: Transmission Integrity  

base control objective:
The information system protects the integrity of transmitted information.

supplemental objective information:
This control applies to communications across internal and external networks. If the organization is relying on a commercial service provider for transmission services as a commodity item rather than a fully dedicated service, it may be more difficult to obtain the necessary assurances regarding the implementation of needed security controls for transmission integrity. When it is infeasible or impractical to obtain the necessary security controls and assurances of control effectiveness through appropriate contracting vehicles, the organization either implements appropriate compensating security controls or explicitly accepts the additional risk.

enhancements to the base objective:

(1) The organization employs cryptographic mechanisms to recognize changes to information during transmission unless otherwise protected by alternative physical measures.
Enhancement Supplemental Guidance: Alternative physical protection measures include, for example, protected distribution systems.

(2) The information system maintains the integrity of information during aggregation, packaging, and transformation in preparation for transmission.
Enhancement Supplemental Guidance: Information can be intentionally and/or maliciously modified at data aggregation or protocol transformation points, compromising the integrity of the information.

(3) The organization employs [Selection: FIPS 140-2 validated; NSA-approved] cryptography to implement digital signatures.

mapping to FIPS199 baseline:

  LOW: null     MOD: base (1)     HIGH: base (1)  

related (regimented) controls:

AC-17   Remote Access
PE-04   Access Control for Transmission Medium

documents referenced in SP800-53rev3 for SC-08:

Document Date Status Title
FIPS 198 July, 2008 current   The Keyed-Hash Message Authentication Code (HMAC)
NIST SP800-107 August, 2012 current   Recommendation for Applications Using Approved Hash Algorithms
NIST SP800-113 July, 2008 current   Guide to SSL VPNs
NIST SP800-44 September 2002 current   Guidelines on Securing Public Web Servers
NIST SP800-45 August, 2006 DRAFT   Guidelines on Electronic Mail Security
NIST SP800-49 November, 2002 current   Federal S/MIME V3 Client Profile
NIST SP800-52 June, 2005 current   Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations
NIST SP800-54 September, 2006 DRAFT   Border Gateway Protocol Security
NIST SP800-57, part1 August, 2005 current   Recommendation for Key Management, part 1
NIST SP800-57, part2 August, 2005 current   Recommendation for Key Management, part 2
NIST SP800-58 January, 2005 current   Security Considerations for Voice Over IP Systems
NIST SP800-66 October, 2008 current   An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
NIST SP800-77 December, 2005 current   Guide to IPsec VPNs
NIST SP800-81 August, 2010 current   Secure Domain Name System (DNS) Deployment Guide
NIST SP800-95 August, 2006 DRAFT   Guide to Secure Web Services
NIST SP800-97 SP800-97 DRAFT   Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i

Search SP800-53rev3 catalog: