CCC.Core.F04: Transaction Rate Limits
Capability ID:CCC.Core.F04
Title:Transaction Rate Limits
Description:The service can throttle, delay, or reject excess requests when
transactions exceed a user-specified rate limit, and always
provides industry-standard throughput up to that limit.
Mapped Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.LB.TH01 | Unrestricted Request Traffic Overwhelms Downstream Services | Absence of filtering or rate limiting permits malicious traffic to overload downstream services and facilitates brute-force activity. | 1 | 2 | 0 |
| CCC.Core.TH12 | Resource Constraints are Exhausted | Exceeding the resource constraints through excessive consumption, resource-intensive operations, or lowering of rate-limit thresholds can impact the availability of elements such as memory, CPU, or storage. This may disrupt availability of the service or child resources by denying the associated functionality to users. If the impacted system is not designed to expect such a failure, the effect could also cascade to other services and resources. | 1 | 1 | 0 |