AC-4(24) Information Flow Enforcement | Internal Normalized Format

Control

When transferring information between different security domains, parse incoming data into an internal normalized format and regenerate the data to be consistent with its intended specification.

Discussion

Converting data into normalized forms is one of most of effective mechanisms to stop malicious attacks and large classes of data exfiltration.