Label Availability in Trusted Extensions Sessions
The following table shows session label limitations and availability based on users' session choices. The table continues the example from Figure 1–8.
Table 1–2 Labels in Trusted Extensions Sessions|
|
Multilevel Session |
Single-level Session |
||
|---|---|---|---|---|
|
|
General Case |
Example #1 |
General Case |
Example #2 |
|
|
|
Multilevel with clearance of SECRET A B |
|
Single-level with session label of SECRET A B |
|
Initial Workspace Label (at first login) |
Lowest label in account label range. |
CONFIDENTIAL |
Session label is specified by user |
SECRET A B |
|
Available Workspace Labels |
Any label in account label range up to the session clearance |
CONFIDENTIAL CONFIDENTIAL A B SECRET A B |
Session label is specified by user |
SECRET A B |
-
The left column identifies the types of label settings that are used in sessions.
-
The middle two columns apply to a Multilevel Session.
-
The right two columns apply to a Single-level Session.
-
The columns that are labeled General Case describe how the label types are determined.
-
The columns marked Example show a typical user's session selections at login.
In Example #1, the initial workspace label is set to CONFIDENTIAL, which is the label at the bottom of the user's account label range. The user can work at a label of CONFIDENTIAL, CONFIDENTIAL A B, or SECRET A B.
In Example #2, the user's initial workspace label is SECRET A B. Since the session is single-level, the only available workspace label is SECRET A B.
- © 2010, Oracle Corporation and/or its affiliates