Prevent Access from Untrusted Entities

CCC.Core.CN05: Prevent Access from Untrusted Entities

Control ID:CCC.Core.CN05

Title:Prevent Access from Untrusted Entities

Objective:Ensure that secure access controls enforce the principle of least privilege to restrict access to authorized entities from explicitly trusted sources only.

Control Family:

Identity and Access Management

Related Threats

ID	Title	Description	External Mappings	Capability Mappings	Control Mappings
CCC.Core.TH01	Access is Granted to Unauthorized Users	Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data.	1	1	0

Related Capabilities

ID	Title	Description
CCC.Core.CP06	Access Control	The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes.
CCC.Core.CP29	Active Ingestion	While running, the service can receive inputs, commands, or data streams from external sources such as dedicated APIs, exposed network ports, message queues, and persistent data ingestion channels.

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
CCM	DSP-01	1	Security and Privacy Policy and Proceduress
CCM	DSP-07	1	Data Protection by Design and Default
CCM	DSP-08	1	Data Privacy by Design and Default
CCM	DSP-10	1	Sensitive Data Transfer
CCM	DSP-17	0	Sensitive Data Protection

Assessment Requirements

ID	Description	Applicability
CCC.Core.CN05.AR01	When an attempt is made to modify data on the service or a child resource, the service MUST block requests from unauthorized entities.	tlp-clear tlp-green tlp-amber tlp-red
CCC.Core.CN05.AR02	When administrative access or configuration change is attempted on the service or a child resource, the service MUST refuse requests from unauthorized entities.	tlp-clear tlp-green tlp-amber tlp-red
CCC.Core.CN05.AR03	When administrative access or configuration change is attempted on the service or a child resource in a multi-tenant environment, the service MUST refuse requests across tenant boundaries unless the origin is explicitly included in a pre-approved allowlist.	tlp-clear tlp-green tlp-amber tlp-red
CCC.Core.CN05.AR04	When data is requested from outside the trust perimeter, the service MUST refuse requests from unauthorized entities.	tlp-amber tlp-red
CCC.Core.CN05.AR05	When any request is made from outside the trust perimeter, the service MUST NOT provide any response that may indicate the service exists.	tlp-red
CCC.Core.CN05.AR06	When any request is made to the service or a child resource, the service MUST refuse requests from unauthorized entities.	tlp-green tlp-amber tlp-red