Red Hat Virtualization Manager - Access Control

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
AC-1 Access Control Policy And Procedures

not applicable

AC-2 Account Management

not applicable

AC-2 (1) Automated System Account Management
AC-2 (2) Removal Of Temporary / Emergency Accounts
AC-2 (3) Disable Inactive Accounts
AC-2 (4) Automated Audit Actions
AC-2 (5) Inactivity Logout
AC-2 (6) Dynamic Privilege Management
AC-2 (7) Role-Based Schemes
AC-2 (8) Dynamic Account Creation
AC-2 (9) Restrictions On Use Of Shared / Group Accounts
AC-2 (10) Shared / Group Account Credential Termination
AC-2 (11) Usage Conditions
AC-2 (12) Account Monitoring / Atypical Usage
AC-2 (13) Disable Accounts For High-Risk Individuals
AC-3 Access Enforcement

planned

AC-3 (1) Restricted Access To Privileged Functions
AC-3 (2) Dual Authorization
AC-3 (3) Mandatory Access Control
AC-3 (4) Discretionary Access Control
AC-3 (5) Security-Relevant Information
AC-3 (6) Protection Of User And System Information
AC-3 (7) Role-Based Access Control
AC-3 (8) Revocation Of Access Authorizations
AC-3 (9) Controlled Release
AC-3 (10) Audited Override Of Access Control Mechanisms
AC-4 Information Flow Enforcement
AC-4 (1) Object Security Attributes
AC-4 (2) Processing Domains
AC-4 (3) Dynamic Information Flow Control
AC-4 (4) Content Check Encrypted Information
AC-4 (5) Embedded Data Types
AC-4 (6) Metadata
AC-4 (7) One-Way Flow Mechanisms
AC-4 (8) Security Policy Filters
AC-4 (9) Human Reviews
AC-4 (10) Enable / Disable Security Policy Filters
AC-4 (11) Configuration Of Security Policy Filters
AC-4 (12) Data Type Identifiers
AC-4 (13) Decomposition Into Policy-Relevant Subcomponents
AC-4 (14) Security Policy Filter Constraints
AC-4 (15) Detection Of Unsanctioned Information
AC-4 (16) Information Transfers On Interconnected Systems
AC-4 (17) Domain Authentication
AC-4 (18) Security Attribute Binding
AC-4 (19) Validation Of Metadata