{
    "type": "bundle",
    "id": "bundle--48ba8f57-622d-4d71-80c8-8fd3f8e7707a",
    "spec_version": "2.0",
    "objects": [
        {
            "modified": "2023-03-30T20:55:13.851Z",
            "name": "Authorization Enforcement",
            "description": "The device or system should restrict read, manipulate, or execute privileges to only authenticated users who require access based on approved security policies.  Role-based Access Control (RBAC) schemes can help reduce the overhead of assigning permissions to the large number of devices within an ICS. For example, IEC 62351 provides examples of roles used to support common system operations within the electric power sector  (Citation: International Electrotechnical Commission July 2020), while IEEE 1686 defines standard permissions for users of IEDs. (Citation: Institute of Electrical and Electronics Engineers January 2014)",
            "labels": [
                "IEC 62443-3-3:2013 - SR 2.1",
                "IEC 62443-4-2:2019 - CR 2.1",
                "NIST SP 800-53 Rev. 4 - AC-3"
            ],
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_domains": [
                "ics-attack"
            ],
            "x_mitre_version": "1.0",
            "x_mitre_attack_spec_version": "2.1.0",
            "type": "course-of-action",
            "id": "course-of-action--e0d38502-decb-481d-ad8b-b8f0a0c330bd",
            "created": "2020-09-11T16:32:21.854Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/mitigations/M0800",
                    "external_id": "M0800"
                },
                {
                    "source_name": "International Electrotechnical Commission July 2020",
                    "description": "International Electrotechnical Commission 2020, July 17 IEC 62351 - Power systems management and associated information exchange - Data and communications security Retrieved. 2020/09/17 ",
                    "url": "https://webstore.iec.ch/publication/6912"
                },
                {
                    "source_name": "Institute of Electrical and Electronics Engineers January 2014",
                    "description": "Institute of Electrical and Electronics Engineers 2014, January 1686-2013 - IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities Retrieved. 2020/09/17 ",
                    "url": "https://standards.ieee.org/standard/1686-2013.html"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ]
        }
    ]
}