CMMC 2.13
CMMC · Rev 2.132FAMILY SC
SC.L2-3.13.4
Shared Resource Control
Requirement
Prevent unauthorized and unintended information transfer via shared system resources.
Further discussion
No shared system resource, such as cache memory, hard disks, registers, or main memory may pass information from one user to another user. In other words, when objects are reused no residual information should exist on that object. This protects the confidentiality of the information. This is typically a feature provided by operating system and software vendors.
Example
You are a system administrator responsible for creating and deploying the system hardening procedures for your company’s computers. You ensure that the computer baselines include software patches to prevent attackers from exploiting flaws in the processor architecture to read data (e.g., the Meltdown and Spectre exploits). You also verify that the computer operating system is configured to prevent users from accessing other users’ folders [a].
Potential Assessment Considerations
• Are shared system resources identified and documented [a]?
Supporting controls
NIST 800-171 · Rev 21 mapped
Create a free account or log in to view the cross-referenced controls.
Implementation strategies
10 recommended strategies for this practice.
Create a free account or log in to view the implementation strategies.
Source: DoD CIO · https://dodcio.defense.gov/CMMC/