Control AutoDataGovernance

URI: AutoDataGovernance

Description: The Process is managed by a data governance framework such as Fybrik, which can modify its behaviour without the intervention of a human manager.

Process

Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

CSG-AutoSuspendCorruptDataFlow	The flow of data *Data* from *FlowsFrom* to *FlowsTo* can be automatically disabled to prevent corrupt or malicious content (including malware) from disrupting the receipient *FlowsTo*. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.
CSG-AutoSuspendCorruptDataFlow-Implementation-Runtime	The flow of data *Data* from *FlowsFrom* to *FlowsTo* has been automatically disabled to prevent corrupt or malicious content (including malware) from disrupting the receipient *FlowsTo. This strategy represents activation of a contingency plan at runtime, and can be enabled to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires FlowsTo* to be managed by a suitable adaptation framework. The Disabled Data Flow control should be deselected if and when the flow of data is enabled once again.
CSG-AutoSuspendExcessiveClientAccess	Access to service *Service* by client *Client* may be automatically disabled to prevent the service forwarding excessive requests or becoming overloaded itself, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.
CSG-AutoSuspendExcessiveClientAccess-Implementation-Runtime	Access to service *Service* by client *Client* has been automatically disabled to prevent the service forwarding excessive requests or becoming overloaded itself. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires *Service* to be managed by a suitable adaptation framework. The Disable Client Access control should be deselected if and when access by *Client* to *Service* has been enabled once again.
CSG-AutoSuspendSensitiveDataFlow	The sending of data *Data* from *FlowsFrom* to *FlowsTo* can be can be automatically disabled to prevent leaking of data. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.
CSG-AutoSuspendSensitiveDataFlow-Implementation-Runtime	The sending of data *Data* from *FlowsFrom* to *FlowsTo* has been automatically disabled to prevent leaking of data. This strategy represents activation of a contingency plan at runtime, and can be enabled to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires *FlowsFrom* to be managed by a suitable adaptation framework. The Disabled Data Flow control should be deselected if and when the flow of data is enabled once again.
CSG-AutoSuspendUnauthenticClientAccess	Access to service *Service* by client *Client* may be automatically disabled to prevent authenticated attacks by impersonated clients, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.
CSG-AutoSuspendUnauthenticClientAccess-Implementation-Runtime	Access to service *Service* by client *Client* has been automatically disabled to prevent authenticated attacks by impersonated clients. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires *Service* to be managed by a suitable adaptation framework. The Disable Client Access control should be deselected if and when access by *Client* to *Service* has been enabled once again.
CSG-AutoSuspendUntrustworthyClientAccess	Access to service *Service* by client *Client* may be automatically disabled to prevent authenticated attacks by compromised clients, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.
CSG-AutoSuspendUntrustworthyClientAccess-Implementation-Runtime	Access to service *Service* by client *Client* has been automatically disabled to prevent authenticated attacks by compromised clients. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires *Service* to be managed by a suitable adaptation framework. The Disable Client Access control should be deselected if and when access by *Client* to *Service* has been enabled once again.

Control AutoDataGovernance

Assets (1)

Control Strategies (10)