Skip Navigation Links | |
Exit Print View | |
Compartmented Mode Workstation Labeling: Encodings Format Oracle Solaris 11.1 Information Library |
2. Structure and Syntax of Encodings File
4. Information Label Encodings
5. Sensitivity Label, Clearance, Channels, and Printer Banner Encodings
6. Accreditation Range and Name Information Label Encodings
7. General Considerations for Specifying Encodings
Consistency of Word Specification among Different Types of Labels
Mandatory Access Control Considerations When Encoding Words
Encoding Non-MAC-Related Words
Using Initial Compartments and Markings to Specify Inverse Compartment and Marking Bits
Avoiding "Loops" In Required Combinations
Visibility Restrictions for Required Combinations
Relationships between Required Combinations and Combination Constraints
Restrictions on Specifying Information Label Combination Constraints
Modifying Encodings Already Used by the System
Consistency of Default Word Specification
8. Enforcing Proper Label Adjudications
A. Encodings Specifications Error Messages
The intended usage of prefix words that specify compartments or markings is to specify special inverse bits that allow special inverse words. Special inverse words are words that specify a prefix that in turn specifies compartments or markings. The intended purpose and usage of special inverse bits and special inverse words is best described by the example below.
Special inverse words can be used to implement the ORiginator CONtrolled (ORCON) handling caveat with organizations to which the ORCON data can be released specified in the label. For example, given that three organizations use a particular system (ORG1, ORG@, and ORG3), the encodings to handle ORCON for these three organizations might look as follows. Only the SENSITIVITY LABELS words are shown in this example.
SENSITIVITY LABELS: WORDS: name=ORCON RELEASABLE TO; sname=OR; compartments=1-4; prefix; name=ORCON; minclass=C; compartments=1-4; name=ORG1; minclass=C; compartments=~1 4; prefix=OR; name=ORG2 minclass=C; compartments=~2 4; prefix=OR; name=ORG3; minclass=C; compartments=~3 4; prefix=OR;
In this example, ORG1, ORG2, and ORG3 are special inverse words, each of which requires the prefix ORCON RELEASABLE TO. This prefix specifies compartments bits 1-4, which are therefore special inverse bits. Bit one is for ORG1, bit 2 for ORG2, bit 3 for ORG3, and bit 4 has meaning of ORCON. If only ORCON RELEASABLE TO ORG1 is present in a label, then bit 1 would be off, and bits 2-4 would be on. If only ORG1 is present in a label, then bit 1 would be off, and bits 2-4 would be on. If only ORCON RELEASABLE TO ORG2 is present in a label, then bit 2 would be off, and bits 1, 3, and 4 would be on. If only ORCON RELEASABLE TO ORG3 is present in a label, then bit 3 would be off, and bits 1, 2, and 4 would be on. If ORCON RELEASABLE TO ORG1/ORG2 is present in a label, then bits 1 and 2 would be off and bits 3 and 4 would be on, and so on. The word ORCON, which dominates the three other words, is not an inverse word. If it appears in a label, the data so labeled is not releasable to any of the three organizations.
Note that a label that does not contain any of the above words has bits 1-3 off and is therefore releasable to all organizations, and has bit 4 off and is therefore not ORCON data. Thus, with the same words as above for information labels, data with an information label of SECRET ORCON RELEASABLE TO ORG1 when combined with data with an information label of TOP SECRET, would become TOP SECRET ORCON RELEASEABLE TO ORG1. Special inverse words can be specified using markings bits also.
Unlike regular inverse bits, special inverse bits should not be preallocated to allow for future usage. Special inverse bits can be safely added to a running system without preplanning.
The names chosen in the classifications:, information labels:, sensitivity labels:, and clearances: sections are extremely important. In general, it is best if all short and long names within each of the above sections are unique. However, because of the way prefix and suffix words are handled by the system, there are two exceptions to this general rule.
A suffix and a non-prefix/non-suffix word can have the same name. This is possible because you can look at labels with both such names and tell them apart. For example, consider suffix SF, word W that requires suffix SF, and regular word SF. The label TS SF contains the regular word SF, because there is no word that requires the suffix SF preceding the SF. The label TS W SF contains the suffix SF, because the word W immediately precedes the SF. Finally, the label TS SF W SF contains both the regular word SF and the suffix SF.
A word that requires a prefix and a non-prefix/non-suffix word can have the same name, as long as the non-prefix/non-suffix word is specified before the word that requires the prefix. This is possible because you can look at labels with both such names and tell them apart. For example, consider word W that requires prefix P, and regular word W. The label TS W contains the regular word W, because there is no prefix before the W. The label TS P W contains the word W that requires the prefix P, because the prefix is present. Finally, the label TS W P W contains both the regular word W and the prefix-requiring word W.
Obviously, use of either of these exceptions should be avoided if at all possible because of the probable confusion that will occur.
There are two additional considerations in specifying names.
Classification names should never be the same as information label, sensitivity label, or clearance names.
If the same name appears in both the sensitivity labels: and clearances: sections, the words with this name should refer to the same compartment, and should therefore have an identical specification in the encodings file.
A word in the information label, sensitivity label, or clearance sections whose specified compartment or marking bits include all of the bits of one or more words above in the encodings is called an alias. The simplest case of an alias is a word that duplicates the compartment and marking bit specifications of the word above it. Such an alias—in effect—simply adds more names to the word above it. The word WARNING in Appendix B, Annotated Sample Encodings is such an alias for the word WNINTEL. Using an input name (iname=) is the preferred method of associating more than two names with a word. See The Iname= Keyword in Chapter 4, Information Label Encodings.
A more complex type of alias is a word whose compartment and/or marking bits includes bits specified in multiple words that appear above it. The word SYSHI in Appendix B, Annotated Sample Encodings is an example of this type of alias. Entering SYSHI is the same as entering the following words from Appendix B, Annotated Sample Encodings: CC SB bravo1 bravo3 SA alpha1 project X/project Y LIMDIS ORCON org x/org Y D/E all eyes NOFORN.
Aliases can be used while entering labels or adding to labels (e.g., by entering +alias to add alias to an existing label), but cannot be used for removing words from labels (e.g., by entering -alias to remove alias from an existing label) and will never appear in output labels (assuming the alias and the words being aliased have the same flags= specification). For example, given the above alias WARNING for the word WNINTEL, the following table shows how the label TOP SECRET can and cannot be modified using the alias.
Table 7-1 Modifying With Alias
|
Alias words can be combined with flags to produce aliases that can optionally be used in output labels. The system does not use the flags feature, but applications can be specifically written to use this feature. As an example, consider the case where you have a word that normally appears as NORMAL NAME, but that must, under certain conditions, appear in labels as ALTERNATE NAME. This could be accomplished with the following encodings:
name= NORMAL NAME; markings= 34; name= ALTERNATE NAME; markings= 34; flags= 1;
Under normal circumstances NORMAL NAME would appear in labels, but if the translation software is explicitly told to use only words with flag 1, then ALTERNATE NAME would appear in labels. See [DDS-2600-6215-91] for information on how applications can use the flags feature in this manner.