|
|||
|
1. Labels in Trusted Extensions Software 3. Making a Label Encodings File (Tasks) 4. Labeling Printer Output (Tasks) 5. Customizing LOCAL DEFINITIONS 6. Example: Planning an Organization's Labels A. Sample Label Encodings File |
label_encodings.example FileThis printed version is slightly different from the delivered version.
* ident "@(#)label_encodings.example 5.13 06/08/04 SMI"
*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
*
* This version of the label_encodings file encodes the Sun
* confidential labels that are required by Sun's
* legal and information protection departments. The prefix
* COMPANY is omitted from the labels for
* brevity. This encodings includes some example department
* names that can be used for controlling access to information
* across department boundaries. Commercial sites with different
* requirements can copy this file and change the definitions to suit.
* This example shows how to specify labels that meet an actual
* site's legal information protection requirements for
* labeling email and printer output. These labels can also
* be used to enforce mandatory access control checks that are
* based on user clearance labels, and on labels on files
* and directories.
VERSION= Sun Microsystems, Inc. Example Version - 5.13 06/08/04
* WARNING: If CIPSO Tag Type 1 network labels are to be used:
*
* a) All CLASSIFICATIONS values must be less than or equal to 255.
* b) All COMPARTMENTS bits must be less than or equal to 239.
*
CLASSIFICATIONS:
name= PUBLIC; sname= PUBLIC; value= 1;
name= INTERNAL_USE_ONLY; sname= INTERNAL; aname= INTERNAL; value= 4;
name= NEED_TO_KNOW; sname= NEED_TO_KNOW; aname= NEED_TO_KNOW; value= 5;
name= REGISTERED; sname= REGISTERED; aname= REGISTERED; value= 6;
INFORMATION LABELS:
WORDS:
name= SYSTEM_ADMINISTRATION; sname= SYSADM; compartments= 19;
minclass= NEED_TO_KNOW;
name= MANUFACTURING; sname= MANUFACTURING; compartments= 18;
minclass= NEED_TO_KNOW;
name= ENGINEERING; sname= ENG; compartments= 17 20;
minclass= NEED_TO_KNOW;
name= HUMAN_RESOURCES; sname= HR; compartments= 16;
minclass= NEED_TO_KNOW;
name= MARKETING; sname= MRKTG; compartments= 15 20;
minclass= NEED_TO_KNOW;
name= LEGAL; sname= LEGAL; compartments= 14;
minclass= NEED_TO_KNOW;
name= FINANCE; sname= FINANCE; compartments= 13;
minclass= NEED_TO_KNOW;
name= SALES; sname= SALES; compartments= 12;
minclass= NEED_TO_KNOW;
name= EXECUTIVE_MGMNT_GROUP; sname= EMG; compartments= 11;
minclass= NEED_TO_KNOW;
name= ALL_DEPARTMENTS; sname= ALL; compartments= 11-20;
minclass= NEED_TO_KNOW;
name= PROJECT_TEAM; sname= P_TEAM; compartments= 20;
minclass= NEED_TO_KNOW;
REQUIRED COMBINATIONS:
COMBINATION CONSTRAINTS:
SENSITIVITY LABELS:
WORDS:
name= ALL_DEPARTMENTS; sname= ALL; compartments= 11-20;
minclass= NEED_TO_KNOW;
name= EXECUTIVE_MGMNT_GROUP; sname= EMG; compartments= 11;
minclass= NEED_TO_KNOW;
name= SALES; sname= SALES; compartments= 12;
minclass= NEED_TO_KNOW;
name= FINANCE; sname= FINANCE; compartments= 13;
minclass= NEED_TO_KNOW;
name= LEGAL; sname= LEGAL; compartments= 14;
minclass= NEED_TO_KNOW;
name= MARKETING; sname= MRKTG; compartments= 15 20;
minclass= NEED_TO_KNOW;
name= HUMAN_RESOURCES; sname= HR; compartments= 16;
minclass= NEED_TO_KNOW;
name= ENGINEERING; sname= ENG; compartments= 17 20;
minclass= NEED_TO_KNOW;
name= MANUFACTURING; sname= MANUFACTURING; compartments= 18;
minclass= NEED_TO_KNOW;
name= SYSTEM_ADMINISTRATION; sname= SYSADM; compartments= 19;
minclass= NEED_TO_KNOW;
name= PROJECT_TEAM; sname= P_TEAM; compartments= 20;
minclass= NEED_TO_KNOW;
REQUIRED COMBINATIONS:
COMBINATION CONSTRAINTS:
CLEARANCES:
WORDS:
name= ALL_DEPARTMENTS; sname= ALL; compartments= 11-20;
minclass= NEED_TO_KNOW;
name= EXECUTIVE_MANAGEMENT_GROUP; sname= EMG; compartments= 11;
minclass= NEED_TO_KNOW;
name= SALES; sname= SALES; compartments= 12;
minclass= NEED_TO_KNOW;
name= FINANCE; sname= FINANCE; compartments= 13;
minclass= NEED_TO_KNOW;
name= LEGAL; sname= LEGAL; compartments= 14;
minclass= NEED_TO_KNOW;
name= MARKETING; sname= MRKTG; compartments= 15 20;
minclass= NEED_TO_KNOW;
name= HUMAN_RESOURCES; sname= HR; compartments= 16;
minclass= NEED_TO_KNOW;
name= ENGINEERING; sname= ENG; compartments= 17 20;
minclass= NEED_TO_KNOW;
name= MANUFACTURING; sname= MANUFACTURING; compartments= 18;
minclass= NEED_TO_KNOW;
name= SYSTEM_ADMINISTRATION; sname= SYSADM; compartments= 19;
minclass= NEED_TO_KNOW;
name= PROJECT_TEAM; sname= P_TEAM; compartments= 20;
minclass= NEED_TO_KNOW;
REQUIRED COMBINATIONS:
COMBINATION CONSTRAINTS:
CHANNELS:
WORDS:
name= DISTRIBUTE_ONLY_TO; prefix;
name= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
suffix;
name= EXECUTIVE_MANAGEMENT_GROUP;
prefix= DISTRIBUTE_ONLY_TO; compartments= 11;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= SALES; prefix= DISTRIBUTE_ONLY_TO; compartments= 12;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= FINANCE; prefix= DISTRIBUTE_ONLY_TO; compartments= 13;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= LEGAL; prefix= DISTRIBUTE_ONLY_TO; compartments= 14;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= MARKETING; prefix= DISTRIBUTE_ONLY_TO;
compartments= 15 20;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= HUMAN_RESOURCES; prefix= DISTRIBUTE_ONLY_TO;
compartments= 16;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= ENGINEERING; prefix= DISTRIBUTE_ONLY_TO;
compartments= 17 20;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= MANUFACTURING; prefix= DISTRIBUTE_ONLY_TO;
compartments= 18;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= SYSTEM_ADMINISTRATION; prefix= DISTRIBUTE_ONLY_TO;
compartments= 19;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
name= PROJECT_TEAM; prefix= DISTRIBUTE_ONLY_TO; compartments= 20;
suffix= EMPLOYEES (NON-DISCLOSURE AGREEMENT REQUIRED);
PRINTER BANNERS:
WORDS:
name= CONFIDENTIAL:; prefix;
name= ALL_DEPARTMENTS;
prefix= CONFIDENTIAL:;
compartments= 11-20;
name= EXECUTIVE_MANAGEMENT_GROUP;
prefix= CONFIDENTIAL:;
compartments= 11;
name= SALES; prefix= CONFIDENTIAL:;
compartments= 12;
name= FINANCE; prefix= CONFIDENTIAL:;
compartments= 13;
name= LEGAL; prefix= CONFIDENTIAL:;
compartments= 14;
name= MARKETING; prefix= CONFIDENTIAL:;
compartments= 15 20;
name= HUMAN_RESOURCES;
prefix= CONFIDENTIAL:;
compartments= 16;
name= ENGINEERING;
prefix= CONFIDENTIAL:;
compartments= 17 20;
name= MANUFACTURING;
prefix= CONFIDENTIAL:;
compartments= 18;
name= SYSTEM_ADMINISTRATION;
prefix= CONFIDENTIAL:;
compartments= 19;
name= PROJECT_TEAM;
prefix= CONFIDENTIAL:;
compartments= 20;
ACCREDITATION RANGE:
classification= PUBLIC; only valid compartment combinations:
PUBLIC
classification= INTERNAL_USE_ONLY; only valid compartment combinations:
INTERNAL
classification= NEED_TO_KNOW; all compartment combinations valid;
classification= REGISTERED; only valid compartment combinations:
REGISTERED
minimum clearance= PUBLIC;
minimum sensitivity label= PUBLIC;
minimum protect as classification= PUBLIC;
*
* Local site definitions and locally configurable options.
*
LOCAL DEFINITIONS:
Classification Name= Classification;
Compartments Name= Departments;
Default User Sensitivity Label= public;
Default User Clearance= public;
COLOR NAMES:
label= Admin_Low; color= #bdbdbd;
label= PUBLIC; color= green;
label= INTERNAL_USE_ONLY; color= yellow;
label= NEED_TO_KNOW; color= blue;
label= NEED_TO_KNOW EMG; color= #7FA9EB;
label= NEED_TO_KNOW SALES; color= #87CEFF;
label= NEED_TO_KNOW FINANCE; color= #00BFFF;
label= NEED_TO_KNOW LEGAL; color= #7885D0;
label= NEED_TO_KNOW MRKTG; color= #7A67CD;
label= NEED_TO_KNOW HR; color= #7F7FFF;
label= NEED_TO_KNOW ENG; color= #007FFF;
label= NEED_TO_KNOW MANUFACTURING; color= #0000BF;
label= NEED_TO_KNOW PROJECT_TEAM; color= #9E7FFF;
label= NEED_TO_KNOW SYSADM; color= #5B85D0;
label= NEED_TO_KNOW ALL; color= #4D658D;
label= REGISTERED; color= red;
label= Admin_High; color= #636363;
*
* End of local site definitions
*
|
||
|