CCC.Core.CN05: Prevent Access from Untrusted Entities

Control ID: CCC.Core.CN05
Title: Prevent Access from Untrusted Entities
Objective: Ensure that secure access controls enforce the principle of least privilege to restrict access to authorized entities from explicitly trusted sources only.
Control Family: Identity and Access Management

Guideline Mappings

| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
| CCM | DSP-01 | 1 | Security and Privacy Policy and Procedures |
| CCM | DSP-07 | 1 | Data Protection by Design and Default |
| CCM | DSP-08 | 1 | Data Privacy by Design and Default |
| CCM | DSP-10 | 1 | Sensitive Data Transfer |
| CCM | DSP-17 | 0 | Sensitive Data Protection |

Assessment Requirements

| ID | Description | Applicability |
|---|---|---|
| CCC.Core.CN05.AR01 | When an attempt is made to modify data on the service or a child resource, the service MUST block requests from unauthorized entities. | tlp-clear, tlp-green, tlp-amber, tlp-red |
| CCC.Core.CN05.AR02 | When administrative access or configuration change is attempted on the service or a child resource, the service MUST refuse requests from unauthorized entities. | tlp-clear, tlp-green, tlp-amber, tlp-red |
| CCC.Core.CN05.AR03 | When administrative access or configuration change is attempted on the service or a child resource in a multi-tenant environment, the service MUST refuse requests across tenant boundaries unless the origin is explicitly included in a pre-approved allowlist. | tlp-clear, tlp-green, tlp-amber, tlp-red |
| CCC.Core.CN05.AR04 | When data is requested from outside the trust perimeter, the service MUST refuse requests from unauthorized entities. | tlp-amber, tlp-red |
| CCC.Core.CN05.AR05 | When any request is made from outside the trust perimeter, the service MUST NOT provide any response that may indicate the service exists. | tlp-red |
| CCC.Core.CN05.AR06 | When any request is made to the service or a child resource, the service MUST refuse requests from unauthorized entities. | tlp-green, tlp-amber, tlp-red |