Access control


AC-1 Access Control Policy And Procedures

Description

The organization:

  1. Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]:
    1. An access control policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
    2. Procedures to facilitate the implementation of the access control policy and associated access controls; and
  2. Reviews and updates the current:
    1. Access control policy [Assignment: organization-defined frequency]; and
    2. Access control procedures [Assignment: organization-defined frequency].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can control which users and teams are allowed to create and manipulate Docker Enterprise Edition resources. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-2 Account Management

Description

The organization:

  1. Identifies and selects the following types of information system accounts to support organizational missions/business functions: [Assignment: organization-defined information system account types];
  2. Assigns account managers for information system accounts;
  3. Establishes conditions for group and role membership;
  4. Specifies authorized users of the information system, group and role membership, and access authorizations (i.e., privileges) and other attributes (as required) for each account;
  5. Requires approvals by [Assignment: organization-defined personnel or roles] for requests to create information system accounts;
  6. Creates, enables, modifies, disables, and removes information system accounts in accordance with [Assignment: organization-defined procedures or conditions];
  7. Monitors the use of information system accounts;
  8. Notifies account managers:
    1. When accounts are no longer required;
    2. When users are terminated or transferred; and
    3. When individual information system usage or need-to-know changes;
  9. Authorizes access to the information system based on:
    1. A valid access authorization;
    2. Intended system usage; and
    3. Other attributes as required by the organization or associated missions/business functions;
  10. Reviews accounts for compliance with account management requirements [Assignment: organization-defined frequency]; and
  11. Establishes a process for reissuing shared/group account credentials (if deployed) when individuals are removed from the group.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, an external identity management system (such as Microsoft's Active Directory or an LDAP endpoint) can be configured as mandated by this control and can be integrated with Docker Enterprise Edition. Supporting documentation can be found at the following resources:

AC-2 (1) Automated System Account Management

Description

The organization employs automated mechanisms to support the management of information system accounts.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Universal Control Plane (UCP) | complete | service provider hybrid
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, supporting documentation for managing users and teams can be found at the following resources:
To assist the organization in meeting the requirements of this control, an external identity management system (such as Microsoft's Active Directory or an LDAP endpoint) can be configured as mandated by this control and can be integrated with Docker Enterprise Edition. Supporting documentation can be found at the following resources:

AC-2 (2) Removal Of Temporary / Emergency Accounts

Description

The information system automatically [Selection: removes; disables] temporary and emergency accounts after [Assignment: organization-defined time period for each type of account].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

Using Docker Enterprise Edition's LDAP integration capabilities, one can disable and/or remove temporary and emergency accounts in a connected directory service (such as Active Directory) after an organization-defined time period. When a user is removed from LDAP, that user becomes inactive after the LDAP synchronization runs. Supporting documentation can be found at the following resources:

AC-2 (3) Disable Inactive Accounts

Description

The information system automatically disables inactive accounts after [Assignment: organization-defined time period].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

Using Docker Enterprise Edition's LDAP integration capabilities, one can automatically disable inactive accounts in a connected directory service (such as Active Directory). When a user is removed from LDAP, that user becomes inactive after the LDAP synchronization runs. Supporting documentation can be found at the following resources:

AC-2 (4) Automated Audit Actions

Description

The information system automatically audits account creation, modification, enabling, disabling, and removal actions, and notifies [Assignment: organization-defined personnel or roles].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

Docker Enterprise Edition logs various authentication and authorization events to standard log files. One can configure Docker Enterprise Edition to direct these event logs to a remote logging service such as an Elasticsearch, Logstash and Kibana (ELK) stack and subsequently alert on specific event types. When integrating Docker Enterprise Edition with LDAP, one can refer to the directory service's logging mechanisms for auditing the events defined by this control. Supporting documentation can be found at the following resources:

AC-2 (5) Inactivity Logout

Description

The organization requires that users log out when [Assignment: organization-defined time-period of expected inactivity or description of when to log out].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, Docker Enterprise Edition can be configured to enforce automated session termination of users after an organization-defined time period of inactivity. By default, the initial lifetime of a user's session is set to 72 hours and the renewal session for a user's session is set to 24 hours. These values can both be changed in the "Auth" section of the "Admin Settings" in Universal Control Plane.

AC-2 (6) Dynamic Privilege Management

Description

The information system implements the following dynamic privilege management capabilities: [Assignment: organization-defined list of dynamic privilege management capabilities].

Control Information

Responsible role(s) - Organization

AC-2 (7) Role-Based Schemes

Description

The organization:

  1. Establishes and administers privileged user accounts in accordance with a role-based access scheme that organizes allowed information system access and privileges into roles;
  2. Monitors privileged role assignments; and
  3. Takes [Assignment: organization-defined actions] when privileged role assignments are no longer appropriate.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Universal Control Plane (UCP) | complete | service provider hybrid
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, supporting documentation can be found at the following resources:
To assist the organization in meeting the requirements of this control, Docker Enterprise Edition supports various levels of user permissions and role-based access control enforcements. Administrator users have permissions to: manage other Docker Enterprise Edition users, manage Docker Trusted Registry repositories and settings, and manage the Universal Control Plane and underlying Docker Swarm Mode cluster. Supporting documentation can be found at the following resources:

AC-2 (8) Dynamic Account Creation

Description

The information system creates [Assignment: organization-defined information system accounts] dynamically.

Control Information

Responsible role(s) - Organization

AC-2 (9) Restrictions On Use Of Shared / Group Accounts

Description

The organization only permits the use of shared/group accounts that meet [Assignment: organization-defined conditions for establishing shared/group accounts].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, users and/or groups synchronized to Docker Enterprise Edition via LDAP can be configured at the directory service.

AC-2 (10) Shared / Group Account Credential Termination

Description

The information system terminates shared/group account credentials when members leave the group.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

Users and/or groups synchronized to Docker Enterprise Edition via LDAP can be configured at the directory service to ensure shared/group account credentials are terminated when members leave the group.

AC-2 (11) Usage Conditions

Description

The information system enforces [Assignment: organization-defined circumstances and/or usage conditions] for [Assignment: organization-defined information system accounts].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

Information system accounts synchronized to Docker Enterprise Edition via LDAP can be configured at the directory service to meet this requirement as necessary.

AC-2 (12) Account Monitoring / Atypical Usage

Description

The organization:

  1. Monitors information system accounts for [Assignment: organization-defined atypical usage]; and
  2. Reports atypical usage of information system accounts to [Assignment: organization-defined personnel or roles].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Docker Enterprise Edition Engine | complete | service provider hybrid
Universal Control Plane (UCP) | complete | service provider hybrid
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, supporting documentation can be found at the following resources:
To assist the organization in meeting the requirements of this control, Docker Enterprise Edition can be configured to aggregate container and daemon events via a number of logging drivers. Supporting documentation can be found at the following resources:
To assist the organization in meeting the requirements of this control, when Docker Enterprise Edition is configured for LDAP integration, one can refer to the directory service's existing monitoring tools.

AC-2 (13) Disable Accounts For High-Risk Individuals

Description

The organization disables accounts of users posing a significant risk within [Assignment: organization-defined time period] of discovery of the risk.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Authentication and Authorization Service (eNZi) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, users and/or groups synchronized to Docker Enterprise Edition via LDAP can be managed at the directory service and disabled if posing a significant risk.

AC-3 Access Enforcement

Description

The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | Docker EE system
Universal Control Plane (UCP) | complete | Docker EE system
Authentication and Authorization Service (eNZi) | complete | Docker EE system

Implementation Details

One can control which users and teams can create and manipulate Docker Trusted Registry resources. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:
One can control which users and teams can create and manipulate Docker Enterprise Edition resources. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. The eNZi component facilitates authorizations as dictated by the system's administrators. Supporting documentation can be found at the following resources:

AC-3 (2) Dual Authorization

Description

The information system enforces dual authorization for [Assignment: organization-defined privileged commands and/or other organization-defined actions].

Control Information

Responsible role(s) - Organization

AC-3 (3) Mandatory Access Control

Description

The information system enforces [Assignment: organization-defined mandatory access control policy] over all subjects and objects where the policy:

  1. Is uniformly enforced across all subjects and objects within the boundary of the information system;
  2. Specifies that a subject that has been granted access to information is constrained from doing any of the following:
    1. Passing the information to unauthorized subjects or objects;
    2. Granting its privileges to other subjects;
    3. Changing one or more security attributes on subjects, objects, the information system, or information system components;
    4. Choosing the security attributes and attribute values to be associated with newly created or modified objects; or
    5. Changing the rules governing access control; and
  3. Specifies that [Assignment: organization-defined subjects] may explicitly be granted [Assignment: organization-defined privileges (i.e., they are trusted subjects)] such that they are not limited by some or all of the above constraints.

Control Information

Responsible role(s) - Organization

AC-3 (4) Discretionary Access Control

Description

The information system enforces [Assignment: organization-defined discretionary access control policy] over defined subjects and objects where the policy specifies that a subject that has been granted access to information can do one or more of the following:

  1. Pass the information to any other subjects or objects;
  2. Grant its privileges to other subjects;
  3. Change security attributes on subjects, objects, the information system, or the information system's components;
  4. Choose the security attributes to be associated with newly created or revised objects; or
  5. Change the rules governing access control.

Control Information

Responsible role(s) - Organization

AC-3 (5) Security-Relevant Information

Description

The information system prevents access to [Assignment: organization-defined security-relevant information] except during secure, non-operable system states.

Control Information

Responsible role(s) - Organization

AC-3 (7) Role-Based Access Control

Description

The information system enforces a role-based access control policy over defined subjects and objects and controls access based upon [Assignment: organization-defined roles and users authorized to assume such roles].

Control Information

Responsible role(s) - Organization

AC-3 (8) Revocation Of Access Authorizations

Description

The information system enforces the revocation of access authorizations resulting from changes to the security attributes of subjects and objects based on [Assignment: organization-defined rules governing the timing of revocations of access authorizations].

Control Information

Responsible role(s) - Organization

AC-3 (9) Controlled Release

Description

The information system does not release information outside of the established system boundary unless:

  1. The receiving [Assignment: organization-defined information system or system component] provides [Assignment: organization-defined security safeguards]; and
  2. [Assignment: organization-defined security safeguards] are used to validate the appropriateness of the information designated for release.

Control Information

Responsible role(s) - Organization

AC-3 (10) Audited Override Of Access Control Mechanisms

Description

The organization employs an audited override of automated access control mechanisms under [Assignment: organization-defined conditions].

Control Information

Responsible role(s) - Organization

AC-4 Information Flow Enforcement

Description

The information system enforces approved authorizations for controlling the flow of information within the system and between interconnected systems based on [Assignment: organization-defined information flow control policies].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | Docker EE system
Docker Enterprise Edition Engine | complete | service provider hybrid
Universal Control Plane (UCP) | complete | Docker EE system

Implementation Details

Docker Enterprise Edition can be configured to control the flow of information that originates from applications running in containers. Supporting documentation can be found at the following resources:

AC-4 (1) Object Security Attributes

Description

The information system uses [Assignment: organization-defined security attributes] associated with [Assignment: organization-defined information, source, and destination objects] to enforce [Assignment: organization-defined information flow control policies] as a basis for flow control decisions.

Control Information

Responsible role(s) - Organization

AC-4 (2) Processing Domains

Description

The information system uses protected processing domains to enforce [Assignment: organization-defined information flow control policies] as a basis for flow control decisions.

Control Information

Responsible role(s) - Organization

AC-4 (3) Dynamic Information Flow Control

Description

The information system enforces dynamic information flow control based on [Assignment: organization-defined policies].

Control Information

Responsible role(s) - Organization

AC-4 (4) Content Check Encrypted Information

Description

The information system prevents encrypted information from bypassing content-checking mechanisms by [Selection (one or more): decrypting the information; blocking the flow of the encrypted information; terminating communications sessions attempting to pass encrypted information; [Assignment: organization-defined procedure or method]].

Control Information

Responsible role(s) - Organization

AC-4 (5) Embedded Data Types

Description

The information system enforces [Assignment: organization-defined limitations] on embedding data types within other data types.

Control Information

Responsible role(s) - Organization

AC-4 (6) Metadata

Description

The information system enforces information flow control based on [Assignment: organization-defined metadata].

Control Information

Responsible role(s) - Organization

AC-4 (7) One-Way Flow Mechanisms

Description

The information system enforces [Assignment: organization-defined one-way information flows] using hardware mechanisms.

Control Information

Responsible role(s) - Organization

AC-4 (8) Security Policy Filters

Description

The information system enforces information flow control using [Assignment: organization-defined security policy filters] as a basis for flow control decisions for [Assignment: organization-defined information flows].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | shared
Docker Enterprise Edition Engine | complete | service provider hybrid
Universal Control Plane (UCP) | complete | Docker EE system, shared

Implementation Details

Docker Enterprise Edition can be configured to control the flow of information that originates from applications running in containers per organization-defined security policy filters. Supporting documentation can be found at the following resources:

AC-4 (9) Human Reviews

Description

The information system enforces the use of human reviews for [Assignment: organization-defined information flows] under the following conditions: [Assignment: organization-defined conditions].

Control Information

Responsible role(s) - Organization

AC-4 (10) Enable / Disable Security Policy Filters

Description

The information system provides the capability for privileged administrators to enable/disable [Assignment: organization-defined security policy filters] under the following conditions: [Assignment: organization-defined conditions].

Control Information

Responsible role(s) - Organization

AC-4 (11) Configuration Of Security Policy Filters

Description

The information system provides the capability for privileged administrators to configure [Assignment: organization-defined security policy filters] to support different security policies.

Control Information

Responsible role(s) - Organization

AC-4 (12) Data Type Identifiers

Description

The information system, when transferring information between different security domains, uses [Assignment: organization-defined data type identifiers] to validate data essential for information flow decisions.

Control Information

Responsible role(s) - Organization

AC-4 (13) Decomposition Into Policy-Relevant Subcomponents

Description

The information system, when transferring information between different security domains, decomposes information into [Assignment: organization-defined policy-relevant subcomponents] for submission to policy enforcement mechanisms.

Control Information

Responsible role(s) - Organization

AC-4 (14) Security Policy Filter Constraints

Description

The information system, when transferring information between different security domains, implements [Assignment: organization-defined security policy filters] requiring fully enumerated formats that restrict data structure and content.

Control Information

Responsible role(s) - Organization

AC-4 (15) Detection Of Unsanctioned Information

Description

The information system, when transferring information between different security domains, examines the information for the presence of [Assignment: organization-defined unsanctioned information] and prohibits the transfer of such information in accordance with the [Assignment: organization-defined security policy].

Control Information

Responsible role(s) - Organization

AC-4 (17) Domain Authentication

Description

The information system uniquely identifies and authenticates source and destination points by [Selection (one or more): organization, system, application, individual] for information transfer.

Control Information

Responsible role(s) - Organization

AC-4 (18) Security Attribute Binding

Description

The information system binds security attributes to information using [Assignment: organization-defined binding techniques] to facilitate information flow policy enforcement.

Control Information

Responsible role(s) - Organization

AC-4 (19) Validation Of Metadata

Description

The information system, when transferring information between different security domains, applies the same security policy filtering to metadata as it applies to data payloads.

Control Information

Responsible role(s) - Organization

AC-4 (20) Approved Solutions

Description

The organization employs [Assignment: organization-defined solutions in approved configurations] to control the flow of [Assignment: organization-defined information] across security domains.

Control Information

Responsible role(s) - Organization

AC-4 (21) Physical / Logical Separation Of Information Flows

Description

The information system separates information flows logically or physically using [Assignment: organization-defined mechanisms and/or techniques] to accomplish [Assignment: organization-defined required separations by types of information].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Docker Enterprise Edition Engine | complete | service provider hybrid
Universal Control Plane (UCP) | complete | Docker EE system, shared

Implementation Details

Docker Enterprise Edition can be configured to separate the flow of information that originates from applications running in containers. Supporting documentation can be found at the following resources:

AC-4 (22) Access Only

Description

The information system provides access from a single device to computing platforms, applications, or data residing on multiple different security domains, while preventing any information flow between the different security domains.

Control Information

Responsible role(s) - Organization

AC-5 Separation Of Duties

Description

The organization:

  1. Separates [Assignment: organization-defined duties of individuals];
  2. Documents separation of duties of individuals; and
  3. Defines information system access authorizations to support separation of duties.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can control which users and teams can create and manipulate Docker Trusted Registry resources. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:
To assist the organization in meeting the requirements of this control, one can control which users and teams can create and manipulate Universal Control Plane resources. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-6 Least Privilege

Description

The organization employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can control which users and teams can create and manipulate Universal Control Plane resources and employ principles of least privilege. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-6 (1) Authorize Access To Security Functions

Description

The organization explicitly authorizes access to [Assignment: organization-defined security functions (deployed in hardware, software, and firmware) and security-relevant information].

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can control which users and teams can create and manipulate Universal Control Plane resources and explicitly authorize access as necessary. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-6 (2) Non-Privileged Access For Nonsecurity Functions

Description

The organization requires that users of information system accounts, or roles, with access to [Assignment: organization-defined security functions or security-relevant information], use non-privileged accounts or roles, when accessing nonsecurity functions.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can control which users and teams can create and manipulate Universal Control Plane resources. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-6 (3) Network Access To Privileged Commands

Description

The organization authorizes network access to [Assignment: organization-defined privileged commands] only for [Assignment: organization-defined compelling operational needs] and documents the rationale for such access in the security plan for the information system.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can control which users and teams can create and manipulate Universal Control Plane resources, including Docker networking components. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-6 (4) Separate Processing Domains

Description

The information system provides separate processing domains to enable finer-grained allocation of user privileges.

Control Information

Responsible role(s) - Organization

AC-6 (5) Privileged Accounts

Description

The organization restricts privileged accounts on the information system to [Assignment: organization-defined personnel or roles].

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Universal Control Plane (UCP) complete
service provider hybrid

Implementation Details

To assist the organization in meeting the requirements of this control, one can restrict privileged accounts within Universal Control Plane to custom-defined roles. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation can be found at the following resources:

AC-6 (6) Privileged Access By Non-Organizational Users

Description

The organization prohibits privileged access to the information system by non-organizational users.

Control Information

Responsible role(s) - Organization

AC-6 (7) Review Of User Privileges

Description

The organization:

  1. Reviews [Assignment: organization-defined frequency] the privileges assigned to [Assignment: organization-defined roles or classes of users] to validate the need for such privileges; and
  2. Reassigns or removes privileges, if necessary, to correctly reflect organizational mission/business needs.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Universal Control Plane (UCP) complete
service provider hybrid

Implementation Details

AC-6 (8) Privilege Levels For Code Execution

Description

The information system prevents [Assignment: organization-defined software] from executing at higher privilege levels than users executing the software.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Universal Control Plane (UCP) complete
Docker EE system

Implementation Details

Universal Control Plane users can be assigned to one of a number of different permission levels. The permission level assigned to a specific user determines that user's ability to execute certain Docker functions within UCP. Only users mapped to either the "Full Control" or "Admin" roles can execute Docker commands without any restrictions. Users mapped to either the "View Only" or "No Access" roles cannot execute any Docker commands. Users assigned to the "Restricted Control" role can only run Docker commands under their own purview; they cannot see other users' UCP resources or run commands that require privileged access to the host. Furthermore, custom roles can be created for fine-grained access to specific UCP resources and functionality. Additional documentation regarding the various permission levels within UCP can be found at the following resource:

AC-6 (9) Auditing Use Of Privileged Functions

Description

The information system audits the execution of privileged functions.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) complete
Docker EE system

Implementation Details

Docker Enterprise Edition logs privileged user events to standard log files. One can configure Docker Enterprise Edition to direct these event logs to a remote logging service such as an Elasticsearch, Logstash and Kibana (ELK) stack and subsequently alert on specific event types. When integrating Docker Enterprise Edition with LDAP, one can refer to the directory service's logging mechanisms for auditing the events defined by this control. Supporting documentation regarding logging and monitoring can be found at the following resources:

AC-6 (10) Prohibit Non-Privileged Users From Executing Privileged Functions

Description

The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
Docker EE system
Universal Control Plane (UCP) complete
Docker EE system

Implementation Details

One can control which users and teams can create and manipulate Docker Trusted Registry resources and prevent non-privileged users from executing privileged functions per the requirements of this control. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation for the configuration of this functionality can be found at the following resources:
One can control which users and teams can create and manipulate Universal Control Plane resources and prevent non-privileged users from executing privileged functions per the requirements of this control. By default, no one can make changes to the cluster. Permissions can be granted and managed to enforce fine-grained access control. Supporting documentation for the configuration of this functionality can be found at the following resources:

AC-7 Unsuccessful Logon Attempts

Description

The information system:

  1. Enforces a limit of [Assignment: organization-defined number] consecutive invalid logon attempts by a user during a [Assignment: organization-defined time period]; and
  2. Automatically [Selection: locks the account/node for an [Assignment: organization-defined time period]; locks the account/node until released by an administrator; delays next logon prompt according to [Assignment: organization-defined delay algorithm]] when the maximum number of unsuccessful attempts is exceeded.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) complete
service provider hybrid

Implementation Details

When Docker Enterprise Edition is integrated with a directory service via LDAP, one can reference the functionality of the directory service to configure the enforcement of a limit on the number of consecutive invalid logon attempts by a user during a specified time period, and to configure the ability to automatically lock/disable an account for a specified period of time after the consecutive invalid logon attempt limit is reached.

AC-7 (2) Purge / Wipe Mobile Device

Description

The information system purges/wipes information from [Assignment: organization-defined mobile devices] based on [Assignment: organization-defined purging/wiping requirements/techniques] after [Assignment: organization-defined number] consecutive, unsuccessful device logon attempts.

Control Information

Responsible role(s) - Organization

AC-8 System Use Notification

Description

The information system:

  1. Displays to users [Assignment: organization-defined system use notification message or banner] before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance and states that:
    1. Users are accessing a U.S. Government information system;
    2. Information system usage may be monitored, recorded, and subject to audit;
    3. Unauthorized use of the information system is prohibited and subject to criminal and civil penalties; and
    4. Use of the information system indicates consent to monitoring and recording;
  2. Retains the notification message or banner on the screen until users acknowledge the usage conditions and take explicit actions to log on to or further access the information system; and
  3. For publicly accessible systems:
    1. Displays system use information [Assignment: organization-defined conditions], before granting further access;
    2. Displays references, if any, to monitoring, recording, or auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities; and
    3. Includes a description of the authorized uses of the system.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) planned
Docker EE system

Implementation Details

The feature required to satisfy the requirements of this control has not yet been built in to Docker EE but is planned for a future release.

AC-9 Previous Logon (Access) Notification

Description

The information system notifies the user, upon successful logon (access) to the system, of the date and time of the last logon (access).

Control Information

Responsible role(s) - Organization

AC-9 (1) Unsuccessful Logons

Description

The information system notifies the user, upon successful logon/access, of the number of unsuccessful logon/access attempts since the last successful logon/access.

Control Information

Responsible role(s) - Organization

AC-9 (2) Successful / Unsuccessful Logons

Description

The information system notifies the user of the number of [Selection: successful logons/accesses; unsuccessful logon/access attempts; both] during [Assignment: organization-defined time period].

Control Information

Responsible role(s) - Organization

AC-9 (3) Notification Of Account Changes

Description

The information system notifies the user of changes to [Assignment: organization-defined security-related characteristics/parameters of the user's account] during [Assignment: organization-defined time period].

Control Information

Responsible role(s) - Organization

AC-9 (4) Additional Logon Information

Description

The information system notifies the user, upon successful logon (access), of the following additional information: [Assignment: organization-defined information to be included in addition to the date and time of the last logon (access)].

Control Information

Responsible role(s) - Organization

AC-10 Concurrent Session Control

Description

The information system limits the number of concurrent sessions for each [Assignment: organization-defined account and/or account type] to [Assignment: organization-defined number].

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) complete
Docker EE system

Implementation Details

Docker Enterprise Edition can be configured to limit the number of concurrent sessions for each account. These options can be found within the Universal Control Plane Admin Settings under the "Authentication & Authorization" section.

AC-11 Session Lock

Description

The information system:

  1. Prevents further access to the system by initiating a session lock after [Assignment: organization-defined time period] of inactivity or upon receiving a request from a user; and
  2. Retains the session lock until the user reestablishes access using established identification and authentication procedures.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) complete
Docker EE system

Implementation Details

Per the requirements of AC-2 (5), Docker Enterprise Edition can be configured to enforce user session lifetime limits and renewal thresholds. These options can be found within the Universal Control Plane Admin Settings under the "Authentication & Authorization" section. Configurable options include the initial lifetime (in hours) of a user's session and the renewal threshold of a session (in hours).

AC-11 (1) Pattern-Hiding Displays

Description

The information system conceals, via the session lock, information previously visible on the display with a publicly viewable image.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) complete
Docker EE system

Implementation Details

Per the requirements of AC-2 (5), Docker Enterprise Edition can be configured to enforce user session lifetime limits and renewal thresholds. These options can be found within the Universal Control Plane Admin Settings under the "Authentication & Authorization" section. Configurable options include the initial lifetime (in hours) of a user's session and the renewal threshold of a session (in hours). Upon the expiration of the configured session thresholds, a user will be locked out of his/her session per the requirements of this control.

AC-12 Session Termination

Description

The information system automatically terminates a user session after [Assignment: organization-defined conditions or trigger events requiring session disconnect].

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Authentication and Authorization Service (eNZi) complete
Docker EE system

Implementation Details

Per the requirements of AC-2 (5), Docker Enterprise Edition can be configured to enforce user session lifetime limits and renewal thresholds. These options can be found within the Universal Control Plane Admin Settings under the "Authentication & Authorization" section. Configurable options include the initial lifetime (in hours) of a user's session and the renewal threshold of a session (in hours). Upon the expiration of the configured session thresholds, a user will be locked out of his/her session.

AC-12 (1) User-Initiated Logouts / Message Displays

Description

The information system:

  1. Provides a logout capability for user-initiated communications sessions whenever authentication is used to gain access to [Assignment: organization-defined information resources]; and
  2. Displays an explicit logout message to users indicating the reliable termination of authenticated communications sessions.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Universal Control Plane (UCP) complete
Docker EE system

Implementation Details

Universal Control Plane includes a logout capability that allows a user to terminate his/her current session.

AC-14 Permitted Actions Without Identification Or Authentication

Description

The organization:

  1. Identifies [Assignment: organization-defined user actions] that can be performed on the information system without identification or authentication consistent with organizational missions/business functions; and
  2. Documents and provides supporting rationale in the security plan for the information system, user actions not requiring identification or authentication.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
Docker EE system
Docker Enterprise Edition Engine complete
Docker EE system
Universal Control Plane (UCP) complete
Docker EE system

Implementation Details

To help the organization meet the requirements of this control, a review of actions allowed by unauthenticated users can be performed within Docker Trusted Registry.
To help the organization meet the requirements of this control, one can restrict membership to the 'docker' group on underlying Linux hosts or the local "Administrators" group (and any other groups defined within 'daemon.json') on underlying Windows Server 2016 hosts to only authorized users.
To help the organization meet the requirements of this control, a review of actions allowed by unauthenticated users can be performed within Universal Control Plane.
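
One way to carry out the 'docker' group review described above on a Linux host, as an added example that is not part of Docker's documentation: the function name, the allowlist file format and the sample files are assumptions constructed for illustration. It reports accounts that are in the group through either the member list or their primary GID and that are not on the approved list.

```shell
#!/bin/sh
# Added example: report accounts with effective membership in a group
# (default: docker) that are not on an approved list.
#
# usage: unauthorized_group_members GROUP_FILE PASSWD_FILE ALLOWLIST_FILE [GROUP]
#   GROUP_FILE     group(5) format:  name:passwd:gid:member,member,...
#   PASSWD_FILE    passwd(5) format: name:passwd:uid:gid:...
#   ALLOWLIST_FILE one approved account per line, "#" starts a comment
#                  (this format is an assumption of the example)

unauthorized_group_members() {
    group_file=$1
    passwd_file=$2
    allow_file=$3
    group=${4:-docker}

    awk -F: -v grp="$group" '
        FILENAME == ARGV[1] {               # allowlist
            line = $0
            sub(/#.*/, "", line)            # drop trailing comment
            gsub(/[ \t\r]/, "", line)       # drop whitespace
            if (line != "") allowed[line] = 1
            next
        }
        FILENAME == ARGV[2] {               # group file
            if ($1 == grp) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++)
                    if (m[i] != "") member[m[i]] = 1
            }
            next
        }
        FILENAME == ARGV[3] {               # passwd file
            # An account whose primary GID is the group GID is a member
            # even though it never appears in the group member list.
            if (gid != "" && $4 == gid) member[$1] = 1
        }
        END {
            for (u in member)
                if (!(u in allowed)) print u
        }
    ' "$allow_file" "$group_file" "$passwd_file" | sort
}

# Constructed sample data (not taken from any real host).
demo_docker_group_review() {
    tmp=$(mktemp -d) || return 1

    cat > "$tmp/group" <<'EOF'
root:x:0:
docker:x:998:alice,ci-runner,mallory
staff:x:50:bob
EOF

    cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
buildsvc:x:1001:998::/home/buildsvc:/usr/sbin/nologin
bob:x:1002:50::/home/bob:/bin/bash
EOF

    cat > "$tmp/allow" <<'EOF'
# accounts approved for Docker daemon access
alice
ci-runner   # build agent
EOF

    unauthorized_group_members "$tmp/group" "$tmp/passwd" "$tmp/allow" docker
    rm -rf "$tmp"
}

demo_docker_group_review
```

On a live host, files written from `getent group` and `getent passwd` can be passed instead of `/etc/group` and `/etc/passwd` so that directory-backed accounts are included.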

AC-16 Security Attributes

Description

The organization:

  1. Provides the means to associate [Assignment: organization-defined types of security attributes] having [Assignment: organization-defined security attribute values] with information in storage, in process, and/or in transmission;
  2. Ensures that the security attribute associations are made and retained with the information;
  3. Establishes the permitted [Assignment: organization-defined security attributes] for [Assignment: organization-defined information systems]; and
  4. Determines the permitted [Assignment: organization-defined values or ranges] for each of the established security attributes.

Control Information

Responsible role(s) - Organization

AC-16 (1) Dynamic Attribute Association

Description

The information system dynamically associates security attributes with [Assignment: organization-defined subjects and objects] in accordance with [Assignment: organization-defined security policies] as information is created and combined.

Control Information

Responsible role(s) - Organization

AC-16 (2) Attribute Value Changes By Authorized Individuals

Description

The information system provides authorized individuals (or processes acting on behalf of individuals) the capability to define or change the value of associated security attributes.

Control Information

Responsible role(s) - Organization

AC-16 (3) Maintenance Of Attribute Associations By Information System

Description

The information system maintains the association and integrity of [Assignment: organization-defined security attributes] to [Assignment: organization-defined subjects and objects].

Control Information

Responsible role(s) - Organization

AC-16 (4) Association Of Attributes By Authorized Individuals

Description

The information system supports the association of [Assignment: organization-defined security attributes] with [Assignment: organization-defined subjects and objects] by authorized individuals (or processes acting on behalf of individuals).

Control Information

Responsible role(s) - Organization

AC-16 (5) Attribute Displays For Output Devices

Description

The information system displays security attributes in human-readable form on each object that the system transmits to output devices to identify [Assignment: organization-identified special dissemination, handling, or distribution instructions] using [Assignment: organization-identified human-readable, standard naming conventions].

Control Information

Responsible role(s) - Organization

AC-16 (6) Maintenance Of Attribute Association By Organization

Description

The organization allows personnel to associate, and maintain the association of [Assignment: organization-defined security attributes] with [Assignment: organization-defined subjects and objects] in accordance with [Assignment: organization-defined security policies].

Control Information

Responsible role(s) - Organization

AC-16 (7) Consistent Attribute Interpretation

Description

The organization provides a consistent interpretation of security attributes transmitted between distributed information system components.

Control Information

Responsible role(s) - Organization

AC-16 (8) Association Techniques / Technologies

Description

The information system implements [Assignment: organization-defined techniques or technologies] with [Assignment: organization-defined level of assurance] in associating security attributes to information.

Control Information

Responsible role(s) - Organization

AC-16 (9) Attribute Reassignment

Description

The organization ensures that security attributes associated with information are reassigned only via re-grading mechanisms validated using [Assignment: organization-defined techniques or procedures].

Control Information

Responsible role(s) - Organization

AC-16 (10) Attribute Configuration By Authorized Individuals

Description

The information system provides authorized individuals the capability to define or change the type and value of security attributes available for association with subjects and objects.

Control Information

Responsible role(s) - Organization

AC-17 Remote Access

Description

The organization:

  1. Establishes and documents usage restrictions, configuration/connection requirements, and implementation guidance for each type of remote access allowed; and
  2. Authorizes remote access to the information system prior to allowing such connections.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
service provider hybrid
Docker Enterprise Edition Engine complete
service provider hybrid
Universal Control Plane (UCP) complete
service provider hybrid

Implementation Details

To help the organization meet the requirements of this control, Docker Trusted Registry can be configured to allow/prohibit remote access.
To help the organization meet the requirements of this control, Docker Enterprise Edition can be configured to allow/prohibit remote access to the Engine.
To help the organization meet the requirements of this control, Universal Control Plane can be configured to allow/prohibit remote access.

AC-17 (1) Automated Monitoring / Control

Description

The information system monitors and controls remote access methods.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
Docker EE system
Docker Enterprise Edition Engine complete
Docker EE system
Universal Control Plane (UCP) complete
Docker EE system
Authentication and Authorization Service (eNZi) complete
Docker EE system

Implementation Details

Docker Trusted Registry logs and controls all local and remote access events. In addition, auditing can be configured on the underlying operating system to meet this control.
Docker Enterprise Edition logs and controls all local and remote access events. In addition, auditing can be configured on the underlying operating system to meet this control.
Universal Control Plane logs and controls all local and remote access events. In addition, auditing can be configured on the underlying operating system to meet this control.
Docker Enterprise Edition logs and controls all local and remote access events. In addition, auditing can be configured on the underlying operating system to meet this control.

AC-17 (2) Protection Of Confidentiality / Integrity Using Encryption

Description

The information system implements cryptographic mechanisms to protect the confidentiality and integrity of remote access sessions.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
Docker EE system
Docker Enterprise Edition Engine complete
Docker EE system
Universal Control Plane (UCP) complete
Docker EE system

Implementation Details

All remote access sessions to Docker Trusted Registry are protected with Transport Layer Security (TLS) 1.2. This is included at both the HTTPS application layer for access to the DTR user interface and for command-line based connections to the registry. In addition to this, all communication to DTR is enforced by way of two-way mutual TLS authentication.
All remote access sessions to Docker Enterprise Edition are protected with Transport Layer Security (TLS) 1.2. In addition to this, all communication to Docker Enterprise Edition is enforced by way of two-way mutual TLS authentication.
All remote access sessions to Universal Control Plane are protected with Transport Layer Security (TLS) 1.2. This is included at both the HTTPS application layer for access to the UCP user interface and for command-line based connections to the cluster. In addition to this, all communication to UCP is enforced by way of two-way mutual TLS authentication.

AC-17 (3) Managed Access Control Points

Description

The information system routes all remote accesses through [Assignment: organization-defined number] managed network access control points.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
service provider hybrid
Docker Enterprise Edition Engine complete
service provider hybrid
Universal Control Plane (UCP) complete
service provider hybrid

Implementation Details

A combination of managed load balancers, firewalls and access control lists, and virtual networking resources can be used to ensure traffic destined for Docker Trusted Registry replicas is routed through managed network access control points.
A combination of managed load balancers, firewalls and access control lists, and virtual networking resources can be used to ensure traffic destined for Docker Enterprise Edition is routed through managed network access control points.
A combination of managed load balancers, firewalls and access control lists, and virtual networking resources can be used to ensure traffic destined for Universal Control Plane managers and worker nodes is routed through managed network access control points.

AC-17 (4) Privileged Commands / Access

Description

The organization:

  1. Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [Assignment: organization-defined needs]; and
  2. Documents the rationale for such access in the security plan for the information system.

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Universal Control Plane (UCP) complete
service provider hybrid

Implementation Details

To help the organization meet the requirements of this control, Universal Control Plane can be configured to authorize certain privileged functions via remote access.

AC-17 (6) Protection Of Information

Description

The organization ensures that users protect information about remote access mechanisms from unauthorized use and disclosure.

Control Information

Responsible role(s) - Organization

AC-17 (9) Disconnect / Disable Access

Description

The organization provides the capability to expeditiously disconnect or disable remote access to the information system within [Assignment: organization-defined time period].

Control Information

Responsible role(s) - Docker system

Component Implementation Status(es) Control Origin(s)
Docker Trusted Registry (DTR) complete
configured by customer
service provider hybrid
Docker Enterprise Edition Engine complete
configured by customer
service provider hybrid
Universal Control Plane (UCP) complete
partial
configured by customer
service provider hybrid

Implementation Details

Built-in firewall technology in Docker Trusted Registry's underlying operating system can be used to force the disconnection of remote connections to the host. In addition, UCP slave nodes running Docker Trusted Registry replicas can be paused or drained, which subsequently stops sessions to the DTR replica.
Built-in firewall technology in Docker Enterprise Edition's underlying operating system can be used to force the disconnection of remote connections to the host. In addition, Docker Enterprise Edition provides the option to pause or drain a node in the cluster, which subsequently stops and/or removes sessions to the node. Individual services and/or applications running on Docker Enterprise Edition can also be stopped and/or removed.
Built-in firewall technology in Universal Control Plane's underlying operating system can be used to force the disconnection of remote connections to the host. In addition, UCP provides the option to pause or drain a node in the cluster, which subsequently stops and/or removes sessions to the node. Individual services and/or applications running on a UCP cluster can also be stopped and/or removed.

AC-18 Wireless Access

Description

The organization:

  1. Establishes usage restrictions, configuration/connection requirements, and implementation guidance for wireless access; and
  2. Authorizes wireless access to the information system prior to allowing such connections.

Control Information

Responsible role(s) - Organization

AC-18 (1) Authentication And Encryption

Description

The information system protects wireless access to the system using authentication of [Selection (one or more): users; devices] and encryption.

Control Information

Responsible role(s) - Organization

AC-18 (3) Disable Wireless Networking

Description

The organization disables, when not intended for use, wireless networking capabilities internally embedded within information system components prior to issuance and deployment.

Control Information

Responsible role(s) - Organization

AC-18 (4) Restrict Configurations By Users

Description

The organization identifies and explicitly authorizes users allowed to independently configure wireless networking capabilities.

Control Information

Responsible role(s) - Organization

AC-18 (5) Antennas / Transmission Power Levels

Description

The organization selects radio antennas and calibrates transmission power levels to reduce the probability that usable signals can be received outside of organization-controlled boundaries.

Control Information

Responsible role(s) - Organization

AC-19 Access Control For Mobile Devices

Description

The organization:

  1. Establishes usage restrictions, configuration requirements, connection requirements, and implementation guidance for organization-controlled mobile devices; and
  2. Authorizes the connection of mobile devices to organizational information systems.

Control Information

Responsible role(s) - Organization

AC-19 (4) Restrictions For Classified Information

Description

The organization:

  1. Prohibits the use of unclassified mobile devices in facilities containing information systems processing, storing, or transmitting classified information unless specifically permitted by the authorizing official; and
  2. Enforces the following restrictions on individuals permitted by the authorizing official to use unclassified mobile devices in facilities containing information systems processing, storing, or transmitting classified information:
    1. Connection of unclassified mobile devices to classified information systems is prohibited;
    2. Connection of unclassified mobile devices to unclassified information systems requires approval from the authorizing official;
    3. Use of internal or external modems or wireless interfaces within the unclassified mobile devices is prohibited; and
    4. Unclassified mobile devices and the information stored on those devices are subject to random reviews and inspections by [Assignment: organization-defined security officials], and if classified information is found, the incident handling policy is followed.
  3. Restricts the connection of classified mobile devices to classified information systems in accordance with [Assignment: organization-defined security policies].

Control Information

Responsible role(s) - Organization

AC-19 (5) Full Device / Container-Based Encryption

Description

The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].

Control Information

Responsible role(s) - Organization

AC-20 Use Of External Information Systems

Description

The organization establishes terms and conditions, consistent with any trust relationships established with other organizations owning, operating, and/or maintaining external information systems, allowing authorized individuals to:

  1. Access the information system from external information systems; and
  2. Process, store, or transmit organization-controlled information using external information systems.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To help the organization meet the requirements of this control, one can control which external systems can access Docker Trusted Registry.
To help the organization meet the requirements of this control, one can control which external systems can access Universal Control Plane.

AC-20 (1) Limits On Authorized Use

Description

The organization permits authorized individuals to use an external information system to access the information system or to process, store, or transmit organization-controlled information only when the organization:

  1. Verifies the implementation of required security controls on the external system as specified in the organization's information security policy and security plan; or
  2. Retains approved information system connection or processing agreements with the organizational entity hosting the external information system.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid
Universal Control Plane (UCP) | complete | service provider hybrid

Implementation Details

To help the organization meet the requirements of this control, one can control which external systems can access Docker Trusted Registry.
To help the organization meet the requirements of this control, one can control which external systems can access Universal Control Plane.

AC-20 (2) Portable Storage Devices

Description

The organization [Selection: restricts; prohibits] the use of organization-controlled portable storage devices by authorized individuals on external information systems.

Control Information

Responsible role(s) - Organization

AC-20 (3) Non-Organizationally Owned Systems / Components / Devices

Description

The organization [Selection: restricts; prohibits] the use of non-organizationally owned information systems, system components, or devices to process, store, or transmit organizational information.

Control Information

Responsible role(s) - Organization

AC-20 (4) Network Accessible Storage Devices

Description

The organization prohibits the use of [Assignment: organization-defined network accessible storage devices] in external information systems.

Control Information

Responsible role(s) - Organization

AC-21 Information Sharing

Description

The organization:

  1. Facilitates information sharing by enabling authorized users to determine whether access authorizations assigned to the sharing partner match the access restrictions on the information for [Assignment: organization-defined information sharing circumstances where user discretion is required]; and
  2. Employs [Assignment: organization-defined automated mechanisms or manual processes] to assist users in making information sharing/collaboration decisions.

Control Information

Responsible role(s) - Docker system

Component | Implementation Status(es) | Control Origin(s)
Docker Trusted Registry (DTR) | complete | service provider hybrid; shared
Universal Control Plane (UCP) | complete | service provider hybrid; shared

Implementation Details

To help the organization meet the requirements of this control, one can validate the assigned roles and access levels within Docker Trusted Registry to control information sharing.
To help the organization meet the requirements of this control, one can validate the assigned roles and access levels within Universal Control Plane to control information sharing.

AC-21 (1) Automated Decision Support

Description

The information system enforces information-sharing decisions by authorized users based on access authorizations of sharing partners and access restrictions on information to be shared.

Control Information

Responsible role(s) - Organization

AC-21 (2) Information Search And Retrieval

Description

The information system implements information search and retrieval services that enforce [Assignment: organization-defined information sharing restrictions].

Control Information

Responsible role(s) - Organization

AC-22 Publicly Accessible Content

Description

The organization:

  1. Designates individuals authorized to post information onto a publicly accessible information system;
  2. Trains authorized individuals to ensure that publicly accessible information does not contain nonpublic information;
  3. Reviews the proposed content of information prior to posting onto the publicly accessible information system to ensure that nonpublic information is not included; and
  4. Reviews the content on the publicly accessible information system for nonpublic information [Assignment: organization-defined frequency] and removes such information, if discovered.

Control Information

Responsible role(s) - Organization

AC-23 Data Mining Protection

Description

The organization employs [Assignment: organization-defined data mining prevention and detection techniques] for [Assignment: organization-defined data storage objects] to adequately detect and protect against data mining.

Control Information

Responsible role(s) - Organization

AC-24 Access Control Decisions

Description

The organization establishes procedures to ensure [Assignment: organization-defined access control decisions] are applied to each access request prior to access enforcement.

Control Information

Responsible role(s) - Organization

AC-24 (1) Transmit Access Authorization Information

Description

The information system transmits [Assignment: organization-defined access authorization information] using [Assignment: organization-defined security safeguards] to [Assignment: organization-defined information systems] that enforce access control decisions.

Control Information

Responsible role(s) - Organization

AC-24 (2) No User Or Process Identity

Description

The information system enforces access control decisions based on [Assignment: organization-defined security attributes] that do not include the identity of the user or process acting on behalf of the user.

Control Information

Responsible role(s) - Organization

AC-25 Reference Monitor

Description

The information system implements a reference monitor for [Assignment: organization-defined access control policies] that is tamperproof, always invoked, and small enough to be subject to analysis and testing, the completeness of which can be assured.

Control Information

Responsible role(s) - Organization
