Skip to content

Policy Rollback/Identity Tamper Blocks Launch and Egress

Validate that tampered or rolled‑back policy fails authorization and prevents application launch and subsequent network egress.

Objectives

  • Enforce policy integrity and identity requirements for launch.
  • Prevent egress when launch is denied or when authorization fails post‑load.

Preconditions

  • Policy integrity protections enabled (signature/identity checks, anti‑rollback).
  • Deny‑by‑default egress configured.

Suite

IDCanonical IDsFlowProcedureExpected Outcome
INTEG-POLICY-ROLLBACK-01HARD-POLICY-02, HARD-POLICY-08, HARD-POLICY-09, HARD-POLICY-10, NET-EGRESS-01Policy Rollback/Identity Tamper Blocks Launch and Egress1) Present a tampered or rolled‑back policy bundle. 2) Attempt to launch an application and perform network egress.Launch is denied due to identity/rollback protections; no egress occurs. Audit shows action: "deny", reason indicating identity or rollback failure, and integrity.hash.

Evidence Requirements

  • authz/policy events: action, reason (identity/rollback failure), rule.id, integrity.hash.
  • Absence of network egress events; if any attempted, they are denied per NET-EGRESS-01 with action: "deny".