The following table shows the keywords that can be defined for classifications. Keywords that begin with an asterisk (*) are optional. See "Setting Default and Inverse Words" for more about how to set up optional initial compartments and markings that may be associated with classifications.
Table 2-3 Values for Classifications
Unless you are creating a set of encodings that must be compatible with another organization's label encodings, do not worry about which numbers to use for compartment bits. Keep track of the ones you use and their relations to each other.
The following example shows the top of the demonstration Trusted Solaris label_encodings file, with the CLASSIFICATIONS section.
CLASSIFICATIONS: * name= UNCLASSIFIED; sname= U; value= 1; name= CONFIDENTIAL; sname= C; value= 4; initial compartments= 4-5 190-239; name= SECRET; sname= S; value= 5; initial compartments= 4-5 190-239; name= TOP SECRET; sname= TS; value= 6; initial compartments= 4-5 190-239; |
Each classification defined in Example 2-1 has the mandatory name, sname, and value. The CONFIDENTIAL, SECRET, and TOP SECRET classifications have initial compartments, while UNCLASSIFIED has none.
The following table shows some initial compartments bit assignments and what they mean.
Table 2-4 Example Initial Compartments Bit Assignments and What They Mean
initial compartments= 4 5 100-227; |
compartment bits 4, 5, and 100 through 239 are initially on (set to 1) in a label with this classification. |
Some of the initial compartments shown in Example 2-1 are used later to define default and inverse words, and some are reserved for possible later definitions of inverse words.
The following example shows a simple set of classifications that have no initial compartments.
CLASSIFICATIONS: name= PUBLIC; sname= PUBLIC; value= 1; name= INTERNAL_USE_ONLY; sname= INTERNAL; aname= INTERNAL; value= 4; name= NEED_TO_KNOW; sname= NEED_TO_KNOW; aname= NEED_TO_KNOW; value= 5; name= REGISTERED; sname= REGISTERED; aname= REGISTERED; value= 6; initial compartments= 10; |