(a) Enforce information flow control using [Assignment: organization-defined security or privacy policy filters] as a basis for flow control decisions for [Assignment: organization-defined information flows]; and (b) [Selection (one or more): Block; Strip; Modify; Quarantine] data after a filter processing failure in accordance with [Assignment: organization-defined security or privacy policy].
ID | Name | Description | D3FEND |
ID | Description |
Requirement | Rationale/Additional Guidance/Notes |
---|
ID | Name | Description |
---|