AC-24(2) - Access Control Decisions | No User or Process Identity

Enforce access control decisions based on [Assignment: organization-defined security or privacy attributes] that do not include the identity of the user or process acting on behalf of the user.

Informational References

ID: AC-24(2)
Enhancement of : AC-24
Created: 2023/05/08
Last Modified: 2023/05/08

Countermeasures Covered by Control

ID Name Description

Space Threats Tagged by Control

ID Description

Sample Requirements


Related SPARTA Techniques and Sub-Techniques

ID Name Description