Session Selection Example
Table 1–2 provides an example that shows the difference between a single-level and a multilevel session. This example contrasts a user who chooses to operate in a single-level session at CONFIDENTIAL: NEED TO KNOW (CNF: NTK) with a user who chooses a multilevel session, also at CNF: NTK.
The three columns on the left show each user's session selections at login. Note that users set session labels for single-level sessions and session clearances for multilevel sessions. The system displays the correct label builder according to your selection. To view a label builder for a multilevel session, see Figure 2–2.
The two columns on the right show the label values that are available in the session. The Initial Workspace label column represents the label when the user first accesses the system. The Available Labels column lists the labels that the user is permitted to switch to during the session.
Table 1–2 Effect of Initial Label Selection on Available Session Labels|
User Selections |
Session Label Values |
|||
|---|---|---|---|---|
|
Session Type |
Session Label |
Session Clearance |
Initial Workspace Label |
Available Labels |
|
single-level |
CNF: NTK |
- |
CNF: NTK |
CNF: NTK |
|
multilevel |
- |
CNF: NTK |
Public |
Public CNF: Internal Use Only CNF: NTK |
As the first row of the table shows, the user has selected a single-level session with a session label of CNF: NTK. The user has an initial workspace label of CNF: NTK, which is also the only label at which the user can operate.
As the second row of the table shows, the user has selected a multilevel session with a session clearance of CNF: NTK. The user's initial workspace label is set to Public, because Public is the lowest possible label in the user's account label range. The user can switch to any label between Public and CNF: NTK. Public is the minimum label, and CNF: NTK is the session clearance.
- © 2010, Oracle Corporation and/or its affiliates