This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system prevents unauthorized and unintended information transfer via shared system resources.
NIST 800-53 (r4) Supplemental Guidance:
This control prevents information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. This control does not address: (i) information remanence which refers to residual representation of data that has been nominally erased or removed; (ii) covert channels (including storage and/or timing channels) where shared resources are manipulated to violate information flow restrictions; or (iii) components within information systems for which there are only single users/roles. Related controls: AC-3, AC-4, MP-6.
NIST 800-53 (r5) Discussion:
Preventing unauthorized and unintended information transfer via shared system resources stops information produced by the actions of prior users or roles (or the actions of processes acting on behalf of prior users or roles) from being available to current users or roles (or current processes acting on behalf of current users or roles) that obtain access to shared system resources after those resources have been released back to the system. Information in shared system resources also applies to encrypted representations of information. In other contexts, control of information in shared system resources is referred to as object reuse and residual information protection. Information in shared system resources does not address information remanence, which refers to the residual representation of data that has been nominally deleted; covert channels (including storage and timing channels), where shared system resources are manipulated to violate information flow restrictions; or components within systems for which there are only single users or roles.
38North Guidance:
Meets Minimum Requirement:
Implement Role-Based Access Controls (RBAC) via directory services such as Active Directory and cloud-native Identity and Access Management (IAM) services to control user access to system resources.
Implement network segmentation techniques based on business functions via logically isolated virtual private networks, public/private subnets, network/host-based firewalls and access control lists.
Enforce logical isolation between customers when utilizing multi-tenant storage solutions.
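The following Python example is added here to show, in runnable form, what the three minimum requirements above protect against. It is not code from this page, from NIST or from any cloud provider. A small pool of storage blocks stands in for a shared system resource; every call carries a (tenant, role) principal and is checked against the block's owner (RBAC and logical isolation), and a released block is zeroized before it is handed to the next tenant (the object-reuse point of SC-4). Passing scrub_on_release=False reproduces the residual-data leak the control exists to prevent. The tenant ids, role names, block size and sample data are constructed for the demonstration.

```python
"""Multi-tenant block store with logical isolation and object-reuse protection.

Added illustration (not from the page or from any CSP). Two checks sit between
a caller and the shared pool of storage blocks:
  1. RBAC: every call carries a Principal (tenant, role); a tenant may only
     touch blocks it owns, and only the 'writer' role may mutate or release.
  2. Object reuse (SC-4): a released block is zeroized before it goes back to
     the free list, so the next tenant that receives it reads nothing left by
     the previous owner. scrub_on_release=False reproduces the leak.
Role names, tenant ids, block size and sample data are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List

BLOCK_SIZE = 64  # constructed: fixed-size blocks keep the demo readable


@dataclass(frozen=True)
class Principal:
    tenant: str
    role: str  # "reader" or "writer" (hypothetical role names)


class SharedBlockStore:
    def __init__(self, num_blocks: int, scrub_on_release: bool = True) -> None:
        self._pool = [bytearray(BLOCK_SIZE) for _ in range(num_blocks)]  # the shared resource
        self._free: List[int] = list(range(num_blocks))
        self._owner: Dict[int, str] = {}       # block index -> owning tenant
        self._scrub = scrub_on_release
        self.audit: List[str] = []             # denied attempts, for monitoring

    def _authorize(self, who: Principal, block: int, write: bool) -> None:
        """Deny unless the caller's tenant owns the block (and is a writer, for writes)."""
        owner = self._owner.get(block)         # None once a block has been released
        if owner != who.tenant or (write and who.role != "writer"):
            self.audit.append(
                f"DENY tenant={who.tenant} role={who.role} block={block} write={write}")
            raise PermissionError(f"{who.tenant}/{who.role} may not access block {block}")

    def allocate(self, who: Principal) -> int:
        if who.role != "writer":
            raise PermissionError("only the writer role may allocate")
        if not self._free:
            raise MemoryError("pool exhausted")
        block = self._free.pop()               # LIFO free list: a just-released block goes out next
        self._owner[block] = who.tenant
        return block

    def write(self, who: Principal, block: int, data: bytes) -> None:
        self._authorize(who, block, write=True)
        if len(data) > BLOCK_SIZE:
            raise ValueError("data exceeds block size")
        self._pool[block][:len(data)] = data

    def read(self, who: Principal, block: int) -> bytes:
        self._authorize(who, block, write=False)
        return bytes(self._pool[block])

    def release(self, who: Principal, block: int) -> None:
        self._authorize(who, block, write=True)
        if self._scrub:
            # The SC-4 step: clear residual content before the resource is shared again.
            self._pool[block][:] = bytes(BLOCK_SIZE)
        del self._owner[block]
        self._free.append(block)


def residual_after_reuse(scrub_on_release: bool) -> bytes:
    """Tenant A writes and releases; tenant B receives the same block and reads it."""
    store = SharedBlockStore(num_blocks=2, scrub_on_release=scrub_on_release)
    a_writer = Principal("tenant-a", "writer")
    b_writer = Principal("tenant-b", "writer")
    blk = store.allocate(a_writer)
    store.write(a_writer, blk, b"tenant-a secret: db password")   # constructed sample data
    store.release(a_writer, blk)
    reused = store.allocate(b_writer)
    assert reused == blk, "LIFO free list hands the just-released block to the next tenant"
    return store.read(b_writer, reused)


def cross_tenant_read_denied() -> bool:
    """Logical isolation: tenant B cannot read a block tenant A still owns, and the denial is logged."""
    store = SharedBlockStore(num_blocks=2)
    a_writer = Principal("tenant-a", "writer")
    b_reader = Principal("tenant-b", "reader")
    blk = store.allocate(a_writer)
    store.write(a_writer, blk, b"tenant-a only")
    try:
        store.read(b_reader, blk)
    except PermissionError:
        return len(store.audit) == 1 and "tenant=tenant-b" in store.audit[0]
    return False


if __name__ == "__main__":
    print("scrubbed  :", residual_after_reuse(True)[:16])
    print("unscrubbed:", residual_after_reuse(False)[:16])
    print("cross-tenant read denied:", cross_tenant_read_denied())
```

With scrubbing on, the reused block reads back as all zeros; with it off, tenant B sees tenant A's bytes even though the RBAC check passed, which is exactly why access control alone does not satisfy this control. The audit list is the hook an assessor's "live demonstration" would look at: a denied cross-tenant access should produce a log entry, not just a silent failure.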
Best Practice:
Each customer should have a dedicated virtual network environment with dedicated storage (e.g., database, object, block volume, file, cache).
Implement data loss and data leakage prevention tools (e.g., Digital Guardian, Symantec) at internal endpoints, external boundaries, and across managed interfaces.
Encrypt data at rest and in transit utilizing FIPS 140-2 validated cryptographic modules and implement access/usage restrictions around encryption keys.
Unofficial FedRAMP Guidance:
Multi-tenant storage solutions are permissible with strict logical isolation controls. However, the DoD and some non-DoD agencies require dedicated storage.
Assessment Evidence:
Configuration settings for firewalls and access control lists.
RBAC schema and Separation of Duties matrix.
Evidence of network segmentation.
Live demonstration showing RBAC effectiveness. For example, a CSP administrator attempting to access a database to which they do not have permission.
CSP Implementation Tips:
Amazon Web Services (AWS):
Utilize FIPS endpoints for connecting to AWS services.
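The Python example below is added to show one concrete way to act on this tip; it is not code from this page or from AWS. It sets the process-wide AWS_USE_FIPS_ENDPOINT default (the environment equivalent of the use_fips_endpoint shared-config setting), builds a boto3 client with botocore's Config(use_fips_endpoint=True), and refuses to hand back a client whose resolved endpoint is not a FIPS hostname. The validator has no dependencies; fips_client() assumes boto3/botocore are installed. The endpoint URLs in the demo are constructed samples.

```python
"""FIPS-endpoint guardrail for AWS SDK clients.

Added illustration, not code from the page or from AWS. is_fips_endpoint()
has no dependencies; fips_client() assumes boto3/botocore are installed and
relies on botocore's Config(use_fips_endpoint=True) to resolve the FIPS
variant of a service endpoint. The sample URLs are constructed.
"""
import os
from urllib.parse import urlparse


def is_fips_endpoint(url: str) -> bool:
    """True only for AWS hostnames that carry a 'fips' label,
    e.g. s3-fips.us-east-1.amazonaws.com or iam-fips.amazonaws.com."""
    host = (urlparse(url).hostname or "").lower()
    if not host.endswith(".amazonaws.com"):
        return False
    return any(
        label == "fips" or label.startswith("fips-") or label.endswith("-fips")
        for label in host.split(".")
    )


def enforce_fips_in_env() -> str:
    """Process-wide default for the CLI and every SDK call; equivalent to
    `aws configure set use_fips_endpoint true` in the shared config file."""
    os.environ["AWS_USE_FIPS_ENDPOINT"] = "true"
    return os.environ["AWS_USE_FIPS_ENDPOINT"]


def fips_client(service: str, region: str):
    """Build a client pinned to the FIPS endpoint and fail closed if the SDK
    resolved anything else (a service/region without a FIPS endpoint, or an
    endpoint override coming from the environment)."""
    import boto3                                  # assumption: boto3 is installed
    from botocore.config import Config
    client = boto3.client(service, region_name=region,
                          config=Config(use_fips_endpoint=True))
    if not is_fips_endpoint(client.meta.endpoint_url):
        raise RuntimeError(f"{service} in {region} resolved to a non-FIPS endpoint: "
                           f"{client.meta.endpoint_url}")
    return client


if __name__ == "__main__":
    enforce_fips_in_env()
    for url in ("https://s3-fips.us-east-1.amazonaws.com",   # constructed samples
                "https://s3.us-east-1.amazonaws.com"):
        print(url, "->", "FIPS" if is_fips_endpoint(url) else "NOT FIPS")
    # With boto3 installed: fips_client("kms", "us-east-1").meta.endpoint_url
```

The post-construction check matters because a FIPS setting can be silently overridden by a per-service endpoint URL in the environment or config; asserting on the resolved endpoint turns a misconfiguration into a hard failure at startup, which is also easy to evidence during an assessment.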
Microsoft Azure: TBD
Google Cloud Platform: TBD