Applications must be able to function within separate processing domains (virtualized systems), when specified, so as to enable finer-grained allocation of user privileges.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35251 | SRG-APP-000064-MAPP-NA | SV-46538r1_rule | Medium |
| Description |
|---|
| Applications must employ the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. Employing virtualization techniques to allow greater privilege within a virtual machine, while restricting privilege to the underlying actual machine is an example of providing separate processing domains for finer-grained allocation of user privileges. Rationale for non-applicability: This control is best implemented by the virtualization technology and not through each mobile application. Mobile applications are written to run on specified operating systems. If these operating systems are virtualized correctly, the mobile application would also function in that environment. |
| STIG | Date |
|---|---|
| Mobile Application Security Requirements Guide | 2013-01-04 |
Details
| Check Text ( C-43620r1_chk ) |
|---|
| This requirement is NA for the MAPP SRG. |
| Fix Text (F-39798r1_fix) |
|---|
| The requirement is NA. No fix is required. |