This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system maintains a separate execution domain for each executing process.
NIST 800-53 (r4) Supplemental Guidance:
Information systems can maintain separate execution domains for each executing process by assigning each process a separate address space. Each information system process has a distinct address space so that communication between processes is performed in a manner controlled through the security functions, and one process cannot modify the executing code of another process. Maintaining separate execution domains for executing processes can be achieved, for example, by implementing separate address spaces. This capability is available in most commercial operating systems that employ multi-state processor technologies. Related controls: AC-3, AC-4, AC-6, SA-4, SA-5, SA-8, SC-2, SC-3.
NIST 800-53 (r5) Discussion:
Systems can maintain separate execution domains for each executing process by assigning each process a separate address space. Each system process has a distinct address space so that communication between processes is performed in a manner controlled through the security functions, and one process cannot modify the executing code of another process. Maintaining separate execution domains for executing processes can be achieved, for example, by implementing separate address spaces. Process isolation technologies, including sandboxing or virtualization, logically separate software and firmware from other software, firmware, and data. Process isolation helps limit the access of potentially untrusted software to other system resources. The capability to maintain separate execution domains is available in commercial operating systems that employ multi-state processor technologies.
38North Guidance:
Meets Minimum Requirement:
Maintain a separate execution domain for each executing process.
Best Practice:
Implement Address Space Layout Randomization (ASLR) within operating systems.
Implement Security-Enhanced Linux (SELinux) in Linux.
Implement sandboxing or virtualization via hypervisor or container engine technologies.
Utilize dedicated namespaces.
Unofficial FedRAMP Guidance:
The capability to maintain separate execution domains is available in commercial operating systems that employ multi-state processor technologies.
Assessment Evidence:
Ask an administrator to demonstrate how the information system maintains a separate execution domain for each executing process. Have the administrator log on to the information system, run a process in one address space, and attempt to access the address space of another process, if available. Examples of the controlled inter-process communication to review include shared memory (where two parts of a program can view the same region of the information system's memory) and queues (where data is pushed to and pulled from two separate spaces within the information system).
Evidence of sandboxing or virtualization technologies being utilized.
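As an added example (not 38North, NIST or FedRAMP material), the following Python script gathers two pieces of the evidence described above on a Linux host: it forks a child that overwrites a buffer and confirms the parent's copy is untouched (separate address spaces, with a pipe as the only sanctioned channel), and it compares the stack base of several freshly spawned interpreters with the kernel.randomize_va_space sysctl to rate the ASLR best practice. It assumes /proc is mounted; the function names and the PASS/FAIL wording are my own.

```python
"""Collect SC-39 process-isolation evidence on a Linux host (added example)."""
import os
import subprocess
import sys


def child_cannot_modify_parent_memory() -> bool:
    """Fork a child that overwrites `buf`; True if the parent's copy is untouched."""
    buf = bytearray(b"parent-data")
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:                      # child: its own address space from here on
        os.close(r)
        buf[:] = b"child-wrote"       # lands in the child's private copy-on-write page
        os.write(w, bytes(buf))
        os._exit(0)
    os.close(w)
    child_view = os.read(r, 64)       # the only sanctioned channel: a pipe
    os.close(r)
    os.waitpid(pid, 0)
    return child_view == b"child-wrote" and bytes(buf) == b"parent-data"


def stack_base_of_new_process() -> str:
    """Spawn a fresh interpreter and return the start address of its [stack] mapping."""
    code = ("import re; m = open('/proc/self/maps').read(); "
            "print(re.search(r'([0-9a-f]+)-[0-9a-f]+ .*\\[stack\\]', m).group(1))")
    out = subprocess.run([sys.executable, "-c", code],
                         capture_output=True, text=True, check=True).stdout
    return out.strip()


def aslr_finding(setting: str, observed_bases: list) -> str:
    """Rate the ASLR best practice from the sysctl value and observed stack bases."""
    # kernel.randomize_va_space: 0 = off, 1 = stack/mmap only, 2 = also heap (brk)
    value = setting.strip()
    if value != "2":
        return f"FAIL: kernel.randomize_va_space={value} (expected 2)"
    if len(observed_bases) > 1 and len(set(observed_bases)) == 1:
        return "FAIL: stack base identical across processes despite the setting"
    return "PASS: full ASLR enabled and stack bases differ across processes"


if __name__ == "__main__":
    print("separate address space:", child_cannot_modify_parent_memory())
    with open("/proc/sys/kernel/randomize_va_space") as f:
        setting = f.read()
    bases = [stack_base_of_new_process() for _ in range(3)]
    print(aslr_finding(setting, bases))
```

Capture the script's output alongside the sysctl value as the assessment artifact; a FAIL from either check indicates the host does not meet the best practice.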
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD