CCC.Core.C05: Prevent Access from Untrusted Entities
Control ID:CCC.Core.C05
Title:Prevent Access from Untrusted Entities
Objective:Ensure that secure access controls enforce the principle of least
privilege to restrict access to authorized entities from explicitly
trusted sources only.
Control Family:
Identity and Access Management
Related Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH01 | Access is Granted to Unauthorized Users | Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data. | 1 | 1 | 0 |
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.F06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. |
Guideline Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
NIST-CSF | PR.AC-3 | 0 | - |
CCM | DSP-01 | 1 | Security and Privacy Policy and Proceduress |
CCM | DSP-07 | 1 | Data Protection by Design and Default |
CCM | DSP-08 | 1 | Data Privacy by Design and Default |
CCM | DSP-10 | 1 | Sensitive Data Transfer |
CCM | DSP-17 | 0 | Sensitive Data Protection |
ISO_27001 | 2013 A.13.1.3 | 0 | - |
NIST_800_53 | AC-3 | 0 | - |