NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
AC-1
AC-2
AC-2(1)
AC-2(2)
AC-2(3)
AC-2(4)
AC-2(5)
AC-2(6)
AC-2(7)
AC-2(8)
AC-2(9)
AC-2(11)
AC-2(12)
AC-2(13)
AC-3
AC-14(1)
AC-3(2)
AC-3(3)
AC-3(4)
AC-3(5)
AC-15
AC-3(7)
AC-3(8)
AC-3(9)
AC-3(10)
AC-3(11)
AC-3(12)
AC-3(13)
AC-3(14)
AC-3(15)
AC-4
AC-4(1)
AC-4(2)
AC-4(3)
AC-4(4)
AC-4(5)
AC-4(6)
AC-4(7)
AC-4(8)
AC-4(9)
AC-4(10)
AC-4(11)
AC-4(12)
AC-4(13)
AC-4(14)
AC-4(15)
AC-17(5)
AC-4(17)
AC-17(7)
AC-4(19)
AC-4(20)
AC-4(21)
AC-4(22)
AC-4(23)
AC-4(24)
AC-4(25)
AC-4(26)
AC-4(27)
AC-4(28)
AC-4(29)
AC-4(30)
AC-4(31)
AC-4(32)
AC-5
AC-6
AC-6(1)
AC-6(2)
AC-6(3)
AC-6(4)
AC-6(5)
AC-6(6)
AC-6(7)
AC-6(8)
AC-6(9)
AC-6(10)
AC-7
AC-17(8)
AC-7(2)
AC-7(3)
AC-7(4)
AC-8
AC-9
AC-9(1)
AC-9(2)
AC-9(3)
AC-9(4)
AC-10
AC-11
AC-11(1)
AC-12
AC-12(1)
AC-12(2)
AC-12(3)
AC-13
AC-14
AC-19(1)
AC-19(2)
AC-16
AC-16(1)
AC-16(2)
AC-16(3)
AC-16(4)
AC-16(5)
AC-16(6)
AC-16(7)
AC-16(8)
AC-16(9)
AC-16(10)
AC-17
AC-17(1)
AC-17(2)
AC-17(3)
AC-17(4)
AC-17(6)
AC-18(2)
AC-19(3)
AC-2(10)
AC-3(1)
AC-17(9)
AC-17(10)
AC-18
AC-18(1)
AC-3(6)
AC-18(3)
AC-18(4)
AC-18(5)
AC-19
AC-4(16)
AC-4(18)
AC-7(1)
AC-19(4)
AC-19(5)
AC-20
AC-20(1)
AC-20(2)
AC-20(3)
AC-20(4)
AC-20(5)
AC-21
AC-21(1)
AC-21(2)
AC-22
AC-23
AC-24
AC-24(1)
AC-24(2)
AC-25

AC-4(19): Information Flow Enforcement | Validation of Metadata

Control Text:

When transferring information between different security domains, implement [Assignment: organization-defined security or privacy policy filters] on metadata.

All information (including metadata and the data to which the metadata applies) is subject to filtering and inspection. Some organizations distinguish between metadata and data payloads (i.e., only the data to which the metadata is bound). Other organizations do not make such distinctions and consider metadata and the data to which the metadata applies to be part of the payload.

Related Controls

  • None