Rule Pack: nist-800-53
NIST SP 800-53 security and privacy controls rule pack.
Pack version: 1.0
Rule count: 10
Modules: nist
Templates: access_request, audit_event, data_transfer
Rules
| Name | Salience | Action | Reason | Source |
|---|---|---|---|---|
| access-enforcement | 100 | deny | Access denied: subject clearance insufficient for resource (AC-3) | src/fathom/rule_packs/nist_800_53/rules/ac_rules.yaml |
| info-flow-enforcement | 100 | deny | Data transfer blocked: classified data cannot flow to external destination (AC-4) | src/fathom/rule_packs/nist_800_53/rules/ac_rules.yaml |
| least-privilege | 100 | deny | Privileged action requires explicit context justification (AC-6) | src/fathom/rule_packs/nist_800_53/rules/ac_rules.yaml |
| remote-access | 100 | escalate | Remote privileged access requires additional authorization (AC-17) | src/fathom/rule_packs/nist_800_53/rules/ac_rules.yaml |
| audit-events | 90 | escalate | Auditable event has unknown outcome — requires resolution (AU-2) | src/fathom/rule_packs/nist_800_53/rules/au_rules.yaml |
| audit-content | 90 | deny | Audit record missing required subject field (AU-3) | src/fathom/rule_packs/nist_800_53/rules/au_rules.yaml |
| audit-review-analysis | 80 | escalate | Failed privileged action requires review and analysis (AU-6) | src/fathom/rule_packs/nist_800_53/rules/au_rules.yaml |
| audit-generation | 90 | deny | Audit generation requires resource identification for data events (AU-12) | src/fathom/rule_packs/nist_800_53/rules/au_rules.yaml |
| boundary-protection | 100 | deny | Data transfer to external boundary requires secure protocol (SC-7) | src/fathom/rule_packs/nist_800_53/rules/sc_rules.yaml |
| transmission-confidentiality | 100 | deny | Classified data requires secure transmission protocol for attribute protection (SC-16) | src/fathom/rule_packs/nist_800_53/rules/sc_rules.yaml |