CCC.ObjStor.C01: Prevent Requests to Buckets or Objects with Untrusted KMS Keys
Control ID:CCC.ObjStor.C01
Title:Prevent Requests to Buckets or Objects with Untrusted KMS Keys
Objective:Prevent any requests to object storage buckets or objects using
untrusted KMS keys to protect against unauthorized data encryption
that can impact data availability and integrity.
Control Family:
Data
Related Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH01 | Access is Granted to Unauthorized Users | Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data. | 1 | 1 | 0 |
| CCC.Core.TH06 | Data is Lost or Corrupted | Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of. | 1 | 1 | 0 |
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.F06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. |
Guideline Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
NIST-CSF | PR.DS-1 | 0 | - |
CCM | DCS-04 | 0 | - |
CCM | DCS-06 | 0 | - |
ISO_27001 | 2013 A.10.1.1 | 0 | - |
NIST_800_53 | SC-28 | 0 | - |