|
controlAC-25
Reference Monitor (AC-25)
Implement a reference monitor for [organization-defined] that is tamperproof, always invoked, and small enough to be subject to analysis and testing, the completeness of which can be assured.
access-controlauthorizationleast-privilege
Why These Connect
Supports12
These related controls work together — a change to one may affect the others.
Related Controls(9)
AC-3Access Enforcement (AC-3)
LMH
AC-16Security and Privacy Attributes (AC-16)SA-8Security and Privacy Engineering Principles (SA-8)LMH
SA-17Developer Security and Privacy Architecture and Design (SA-17)H
SC-3Security Function Isolation (SC-3)H
SC-11Trusted Path (SC-11)SC-39Process Isolation (SC-39)LMH
SI-13Predictable Failure Prevention (SI-13)SI-16Memory Protection (SI-16)MH