STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

AC-4 (14)

Access ControlRev 5system

Information Flow Enforcement

Control Statement

When transferring information between different security domains, implement [Assignment: organization-defined security or privacy policy filters] requiring fully enumerated formats that restrict data structure and content.

Supplemental Guidance

Data structure and content restrictions reduce the range of potential malicious or unsanctioned content in cross-domain transactions. Security or privacy policy filters that restrict data structures include restricting file sizes and field lengths. Data content policy filters include encoding formats for character sets, restricting character data fields to only contain alpha-numeric characters, prohibiting special characters, and validating schema structures.

CCI Identifiers (2)

CCI-001371Defines security or privacy policy filters requiring fully enumerated formats which are to be implemented when transferring information between different security domains.CCI-001372When transferring information between different security domains, implement organization-defined security or privacy policy filters requiring fully enumerated formats that restrict data structure and content.

Linked STIG Checks (1)

Across 1 STIGs. Click to expand.