CCC.Core.F06: Access Control
Capability ID:CCC.Core.F06
Title:Access Control
Description:The service automatically enforces user configurations to
restrict or allow access to a specific component or
a child resource based on factors such as user identities, roles,
groups, or attributes.
Mapped Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH01 | Access Control is Misconfigured | Misconfigured access controls may grant excessive privileges or fail to restrict unauthorized access to the service and its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data. | 1 | 1 | 0 |