NIST SP 800-190 APPLICATION CONTAINER SECURITY GUIDE
39
This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-190
Appendix B—NIST SP 800-53 and NIST Cybersecurity Framework Security Controls
Related to Container Technologies
The security controls from NIST SP 800-53 Revision 4 [29] that are most important for container
technologies are listed in Table 2.
Table 2: Security Controls from NIST SP 800-53 for Container Technology Security
NIST SP 800-53 Control Related Controls References
AC-2, Account
Management
AC-3, AC-4, AC-5, AC-6, AC-10, AC-17, AC-19, AC-20,
AU-9, IA-2, IA-4, IA-5, IA-8, CM-5, CM-6, CM-11, MA-3,
MA-4, MA-5, PL-4, SC-13
AC-3, Access Enforcement AC-2, AC-4, AC-5, AC-6, AC-16, AC-17, AC-18, AC-19,
AC-20, AC-21, AC- 22, AU-9, CM-5, CM-6, CM-11, MA-3,
MA-4, MA-5, PE-3
AC-4, Information Flow
Enforcement
AC-3, AC-17, AC-19, AC-21, CM-6, CM-7, SA-8, SC-2,
SC-5, SC-7, SC-18
AC-6, Least Privilege AC-2, AC-3, AC-5, CM-6, CM-7, PL-2
AC-17, Remote Access AC-2, AC-3, AC-18, AC-19, AC-20, CA-3, CA-7, CM-8,
IA-2, IA-3, IA-8, MA-4, PE-17, PL-4, SC-10, SI-4
NIST SPs 800-46, 800-77,
800-113, 800-114, 800-
121
AT-3, Role-Based Security
Training
AT-2, AT-4, PL-4, PS-7, SA-3, SA-12, SA-16 C.F.R. Part 5 Subpart C
(5C.F.R.930.301); NIST
SPs 800-16, 800- 50
AU-2, Audit Events AC-6, AC-17, AU-3, AU-12, MA-4, MP-2, MP-4, SI-4 NIST SP 800-92;
https://idmanagement.gov/
AU-5, Response to Audit
AU-4, SI-12
AU-6, Audit Review,
Analysis, and Reporting
AC-2, AC-3, AC-6, AC-17, AT-3, AU-7, AU-16, CA-7, CM-
5, CM-10, CM-11, IA-3, IA-5, IR-5, IR-6, MA-4, MP-4, PE-
3, PE-6, PE-14, PE-16, RA-5, SC-7, SC-18, SC-19, SI-3,
SI-4, SI-7
AU-8, Time Stamps AU-3, AU-12
AU-9, Protection of Audit
AC-3, AC-6, MP-2, MP-4, PE-2, PE-3, PE-6
AU-12, Audit Generation AC-3, AU-2, AU-3, AU-6, AU-7
CA-9, Internal System
AC-3, AC-4, AC-18, AC-19, AU-2, AU-12, CA- 7, CM-2,
CM-2, Baseline
Configuration
CM-3, CM-6, CM-8, CM-9, SA-10, PM-5, PM-7 NIST SP 800-128
CM-3, Configuration
Change Control
CA-7, CM-2, CM-4, CM-5, CM-6, CM-9, SA-10, SI- 2, SI-
12
NIST SP 800-128
CM-4, Security Impact
Analysis
CA-2, CA-7, CM-3, CM-9, SA-4, SA-5, SA-10, SI-2 NIST SP 800-128
CM-5, Access Restrictions
for Change
AC-3, AC-6, PE-3
CM-6, Configuration
Settings
AC-19, CM-2, CM-3, CM-7, SI-4 OMB Memoranda 07-11,
07-18, 08-22; NIST SPs
800-70, 800-128;
https://nvd.nist.gov
;
https://checklists.nist.gov;
https://www.nsa.gov