Fandom

The IT Law Wiki

Information flow control

32,194pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definitions Edit

Information flow control

[is a] procedure to ensure that information transfers within a system are not made from a higher security level object to an object of a lower security level.[1]
regulates where CUI is allowed to travel within an information system and between information systems (as opposed to who is allowed to access the information) and without explicit regard to subsequent accesses to that information.[2]

Overview Edit

"Flow control restrictions include, for example, keeping export-controlled information from being transmitted in the clear to the Internet, blocking outside traffic that claims to be from within the organization, restricting web requests to the Internet that are not from the internal web proxy server, and limiting information transfers between organizations based on data structures and content."[3]

References Edit

  1. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
  2. NIST Special Publication SP 800-171, at 8 n.17.
  3. Id.

Also on Fandom

Random Wiki