Planning the Compartments

The group names will be encoded as non-hierarchical compartments. Compartments will be restricted to appear only in labels that have the NEED_TO_KNOW classification. Compartments are restricted to appear with certain classifications by settings in the ACCREDITATION RANGE section under COMBINATION CONSTRAINTS.

User clearances will control which users can create files and directories with labels that include a group name, and user clearances will also control whether some users will be able to create documents whose labels have more than one group along with the NEED_TO_KNOW classification.

Previous: Planning the Classifications
Next: Planning the Use of Words in MAC