SC-8

Transmission Confidentiality and Integrity

System and Communications Protection

The information system protects the confidentiality and integrity of transmitted information.

High PriorityAI-Relevant Control

Purpose

Protect information during transmission to prevent unauthorized disclosure and modification.

AI Relevance

Essential for protecting AI model communications, API calls, and data transmission between AI system components.

Implementation Guidance

Use TLS 1.3 for all communications, implement end-to-end encryption, and deploy secure communication protocols.

Assessment

Test encryption mechanisms, verify certificate validity, review communication logs, and validate security protocols.

Requirements

  • 1Protect the confidentiality of transmitted information
  • 2Protect the integrity of transmitted information
  • 3Protect the confidentiality of transmitted information using cryptographic mechanisms
  • 4Protect the integrity of transmitted information using cryptographic mechanisms
  • 5Protect the confidentiality of transmitted information using physical security measures
  • 6Protect the integrity of transmitted information using physical security measures
  • 7Protect the confidentiality of transmitted information using procedural security measures
  • 8Protect the integrity of transmitted information using procedural security measures

Related Controls

SC-7: SC-7SC-9: SC-9SC-12: SC-12SC-13: SC-13

References

NIST SP 800-53 Rev 5NIST Cryptographic Standards

Framework Context

NIST 800-53 Rev 5

Security and Privacy Controls for Federal Information Systems

Official Documentation →

NIST AI RMF

AI Risk Management Framework

AI RMF Documentation →

OWASP AISVS

AI Security Verification Standard

AISVS Documentation →