Is there specific NIST documentation advising about implementing MS SQL Row-Level security for 800-53 compliance?
Asked
Active
Viewed 102 times
0
-
you mean, besides "access control"? – schroeder May 04 '18 at 15:14
-
Have you done any research? 800-53 is well-documented. – schroeder May 04 '18 at 15:16
-
I found this in a couple minutes: "Access control policies ... control access between active entities or subjects ... and passive entities or objects (e.g., ... ***records*** ...) in information systems." https://nvd.nist.gov/800-53/Rev4/control/AC-3 – schroeder May 04 '18 at 15:17
-
@schroeder , For access control. I searched the website for `SQL row level` security implementation for SQL. Couldn't locate anything specific. Looking for a specific reference to Microsoft SQL Row level security implementation as a requirement or recommendation for NIST compliance. – Ayan Mullick May 04 '18 at 16:54
-
There will not be such specific, and vendor-narrow advice – schroeder May 04 '18 at 17:30
-
@schroeder , Then is there anything specifying **ROW-LEVEL** RBAC measures' implementation for SQL in general? Or is there any other frameworks like NYDFS, SKID etc that emphasizes on **ROW-LEVEL** ? – Ayan Mullick May 04 '18 at 20:25