Compartmented Mode Workstation Labeling: Encodings Format

Chapter 5 Sensitivity Label, Clearance, Channels, and Printer Banner Encodings

The encodings described in this chapter have similar structures.

Sensitivity Labels Encodings

The SENSITIVITY LABELS: section specifies the words that make up a human-readable representation of a sensitivity label, as well as the required combinations and combination constraints on these words. This section is used by the system to convert a human-readable representation of non-classification sensitivity label words into the internal bit-string form, and to translate the internal form to a human-readable representation.

In all cases, the SENSITIVITY LABELS: section must associate words with exactly the same compartment bits as the INFORMATION LABELS: section. Moreover, for every word in the INFORMATION LABELS: section with associated normal (non-inverse) compartment bits, there can be no word in the SENSITIVITY LABELS: section whose associated normal compartment bits dominate but do not equal the compartment bits of the information label word, unless the sensitivity label word is an alias. Also, for each inverse compartment word in the SENSITIVITY LABELS: section, there must be a corresponding inverse compartment word in the INFORMATION LABELS: section whose compartment bits are dominated by the sensitivity label word's compartment bits, and whose markings contain no normal bits.

The SENSITIVITY LABELS: section has a structure identical to the INFORMATION LABELS: section with the following exceptions:

  1. the markings= keyword cannot be specified because sensitivity labels--by definition--do not contain markings; and

  2. the access related keyword cannot be specified because all components of sensitivity labels are--by definition--access related, so this keyword would be redundant.

All other keywords described above for the information labels section work in the sensitivity labels section, with the same purpose, rules, restrictions, and caveats.

Another difference between the INFORMATION LABELS: section and the SENSITIVITY LABELS: section is that the conventional order within the encodings file of sensitivity label words in the intelligence community is with the least sensitive words first.

Chapter 7, General Considerations for Specifying Encodings discusses some very important considerations concerning the specification of sensitivity label encodings.

Clearance Encodings

The CLEARANCES: section specifies the words that make up a human-readable representation of user's clearances, as well as the required combinations and combination constraints on these words. This section is used by the system to convert a human-readable representation of non-classification clearance words into the internal bit-string form, and to translate the internal form to a human-readable representation.

The CLEARANCES: section has a structure identical to the SENSITIVITY LABELS: section. In fact, in most cases, the CLEARANCES: section will be identical to the SENSITIVITY LABELS: section. A separate CLEARANCES: section is provided to add flexibility to the system in case there are any different required combinations or combination constraints on clearances than on sensitivity labels, or if--by convention--clearance compartment names are slightly different than corresponding sensitivity label compartment names.

In all cases, the CLEARANCES: section must associate words with exactly the same compartment bits as the INFORMATION LABELS: and SENSITIVITY LABELS: sections. Moreover, for every word in the SENSITIVITY LABELS: section with associated normal (non-inverse) compartment bits, there can be no word in the CLEARANCES: section whose associated normal compartment bits dominate but do not equal the compartment bits of the sensitivity label word, unless the clearance word is an alias. Also, for each inverse compartment word in the CLEARANCES: section, there must be a corresponding inverse compartment word in the SENSITIVITY LABELS: section whose compartment bits are dominated by the clearance word's compartment bits.

The encodings example in Appendix B, Annotated Sample Encodings illustrates a case where the CLEARANCES: combination constraints are different than the SENSITIVITY LABELS: combination constraints. This example occurs when release compartments are encoded in sensitivity labels. In the Appendix B, Annotated Sample Encodings example, REL CNTRY1 and REL CNTRY2 are treated as release compartments. The meaning of having REL CNTRY1 in a sensitivity label is that the data is releasable to system users whose clearance contains the compartment REL CNTRY1.

In the clearance section, the prefix REL is called NATIONALITY: to indicate that the application of this word in a clearance specifies the nationality of the user. Therefore, the meaning of having REL CNTRY2 in a sensitivity label is that the data is releasable to system users whose clearance contains the compartment NATIONALITY: CNTRY2. The meaning of having REL CNTRY1/CNTRY2 in a sensitivity label is that the data is releasable to system users whose clearance contains either NATIONALITY: CNTRY1 or NATIONALITY: CNTRY2. Therefore, it is perfectly valid for a sensitivity label to contain both REL CNTRY1 and REL CNTRY2.

However, such is not the case for a clearance. The meaning of NATIONALITY: CNTRY1 in a clearance is that the user is a citizen of CNTRY1. Similarly, the meaning of NATIONALITY: CNTRY2 in a clearance is that the user is a citizen of CNTRY2. However, in most systems, it would make no sense for a user to be treated as a citizen of more than one country, so having both NATIONALITY: CNTRY1 and NATIONALITY: CNTRY2 in a clearance would be invalid and is prevented by the clearance combination constraint:

NATIONALITY: CNTRY1 !  NATIONALITY: CNTRY2

Chapter 7, General Considerations for Specifying Encodings discusses some very important considerations concerning the specification of clearances encodings.

Channels Encodings

The CHANNELS: section specifies the words that make up a human-readable representation of the HANDLE VIA... handling caveats that must be included in printer banner pages. This section is used by the system only to translate the internal form of sensitivity labels to the appropriate human-readable handling channel caveat. The example in Figure 5-1 shows the format of a printer banner page with the handling channel caveat denoted. Since this section is not used for translating human-readable handling caveats into the internal format, there is no need for the REQUIRED COMBINATIONS: and COMBINATION CONSTRAINTS: subsections. Therefore, the CHANNELS: section contains a single subsection: WORDS:.

The CHANNELS: WORDS: subsection has a structure similar to the SENSITIVITY LABELS: WORDS: subsection. However, the sname=, iname=, minclass=, and maxclass= keywords have no meaning or purpose for handling caveats, and are therefore ignored.

In all cases, the CHANNELS: section cannot associate words with compartment bits not associated with words in the INFORMATION LABELS:, SENSITIVITY LABELS:, and CLEARANCES: sections.

Figure 5-1 Printed banner example denoting channels string

Graphic

Printer Banner Encodings

The PRINTER BANNERS: section specifies the words that make up a human-readable representation of caveats other than HANDLE VIA... caveats that must be included in printer banner pages. Whereas the CHANNELS: section specifies HANDLE VIA... caveats based typically on the main (non-sub) compartments in the sensitivity label, the PRINTER BANNERS: section specifies caveats based on any of the compartments or markings bits. This section is used by the system only to translate the internal form of a sensitivity label along with the markings from the corresponding information label to the appropriate human-readable non-handling channel caveat. The example in Figure 5-2 shows the format of a printer banner page with the non-handling channel caveat denoted. Since this section is not used for translating human-readable handling caveats into the internal format, there is no need for the REQUIRED COMBINATIONS: and COMBINATION CONSTRAINTS: subsections. Therefore, the PRINTER BANNERS: section contains a single subsection: WORDS:.

The PRINTER BANNERS: WORDS: subsection has a structure identical to the CHANNELS: WORDS: subsection, except that the markings= keyword is also allowed, for reasons described above. Note that the sname=, iname=, minclass=, and maxclass= keywords have no meaning or purpose for printer banner caveats, and are therefore ignored or not allowed.

In all cases, the PRINTER BANNERS: section cannot associate words with compartment bits not associated with words in the INFORMATION LABELS:, SENSITIVITY LABELS:, and CLEARANCES: sections, and cannot associate words with marking bits not associated with words in the INFORMATION LABELS: section.

Figure 5-2 Printer banners encodings string

Graphic