Chapter 4 Labeling Printer Output (Tasks)
This chapter describes how labels and handling guidelines are printed on printer output. This chapter also describes how the Security Administrator role can make changes to the default. This chapter includes these topics:
Labels on Body Pages
By default, each print job's label is printed at the top and bottom of every body page.
Figure 4–1 shows the label PUBLIC printed at the top and bottom of a print job's body page.
Figure 4–1 Label Automatically Printed on Body Pages
The Security Administrator role can change the defaults so that a higher label is printed instead of the label of the print job. To print a higher label, see Specifying Channels. To hide labels completely, see Reducing Printing Restrictions in Trusted Extensions (Task Map) in Oracle Solaris Trusted Extensions Administrator’s Procedures.
Security Text on Banner and Trailer Pages
By default, both a banner and a trailer page are automatically created for each print job. The banner and trailer pages contain label-related text and other guidelines for protecting printer output.
The fields and the text that are printed on the banner page are shown in Figure 4–2. The callouts show the names of the labels and the strings that appear by default.
All the text and the labels and text on banner and trailer pages are configurable.
Figure 4–2 Typical Print Job Banner Page
The differences on the trailer page are shown in Figure 4–3. A thick black line is used as a frame on the trailer page, instead of the thicker gray frame on the banner page. The page type identifier on a trailer page is JOB END.
Figure 4–3 Differences on Trailer Pages
The parts of banner and trailer pages that the Security Administrator role can configure are described in the following sections:
In addition, the Security Administrator role can make the following changes in a print configuration file that is called tsol_separator.ps in the /usr/lib/lp/postscript library:
-
Localize (translate) the text on the banner and trailer pages
-
Specify alternates to default labels printed at the top and bottom of body pages
-
Change or omit any of the text or labels
To customize the configuration file, see the comments in the tsol_separator.ps file in the /usr/lib/lp/postscript directory. For further detail, see Chapter 15, Managing Labeled Printing (Tasks), in Oracle Solaris Trusted Extensions Administrator’s Procedures.
Specifying the Protect As Classification
The protect as classification is printed in two places:
-
On the top and bottom of banner and trailer pages
-
In the middle of the protect as statement, together with compartments from the job's label
In the following figure, the NEED_TO_KNOW protect as classification is printed at the top of the banner page.
The protect as statement reads:
This output must be protected as: |
This statement is followed by the protect as classification along with compartments from the label:
NEED_TO_KNOW HR |
This statement is followed by:
unless manually reviewed and downgraded. |
Figure 4–4 Protect As Statement
For example, a site uses INTERNAL_USE_ONLY as the minimum protect as classification. The site has three classifications with the values that are shown in the first two columns of the following table. The third column shows the protect as classification. This classification is printed on the banner and trailer pages for the print job when the classification in the left column is in the job's label.
Table 4–1 Effect of Minimum Protect As Classification on Printer Output|
Classification of Print Job |
Value |
Protect As Classification Printed on Banner and Trailer Pages |
|---|---|---|
|
NEED_TO_KNOW |
3 |
NEED_TO_KNOW |
|
INTERNAL_USE_ONLY |
2 |
INTERNAL_USE_ONLY |
|
PUBLIC |
1 |
INTERNAL_USE_ONLY |
As the preceding table illustrates, any print job whose label includes either the PUBLIC or the INTERNAL_USE_ONLY classification would print INTERNAL_USE_ONLY in the Protect as statement and at the top and bottom of banner and trailer pages. Any print jobs whose label includes the NEED_TO_KNOW classification would print NEED_TO_KNOW in the same locations.
Specifying Printer Banners
The PRINTER BANNERS field occupies the first line or lines that can appear in the handling instructions in the lower third of the banner and trailer pages.
At commercial sites, the Security Administrator role can associate any text in the PRINTER BANNERS section with any compartment bit. The compartment bit must also be assigned to a word in the SENSITIVITY LABELS section of the label_encodings file. In the following example, the printer banner is the line that reads COMPANY CONFIDENTIAL: NEED_TO_KNOW HR.
Compartments from the print job's label are printed in the protect as field along with the print job's protect as classification. In the following example, the compartment HR from the label is printed as an access-related word along with the protect as classification because all compartments are treated as access-related.
Figure 4–5 Commercial Use of PRINTER BANNERS on Banner Page
By convention in U.S. government installations, the printer banner line displays any warnings that are associated with the subcompartments of the job's sensitivity label. The following example shows a typical PRINTER BANNER at a government installation. Any string could be specified instead of the string that is shown here: (FULL SA NAME).
Figure 4–6 Government Use of PRINTER BANNERS on Banner Page
Following are the encodings for the printer banner line (FULL SA NAME) in Figure 4–6.
First, the word (FULL SA NAME) is associated in the PRINTER BANNERS section of the label_encodings with compartment bit 2.
Example 4–1 Defining Words in the PRINTER BANNERS Section
PRINTER BANNERS: WORDS: . . . name= (FULL SA NAME); compartments= 2; |
Example 4–2 shows the SENSITIVITY LABELS definitions for the same compartments that are used in the PRINTER BANNER definitions in Figure 4–6. In the example, compartment bit 2 is associated with the subcompartment word SA.
The printer banner displays as (FULL SA NAME) because:
-
The label contains the subcompartment word SA.
-
Compartment bit 2 is associated with the subcompartment word SA.
-
Compartment bit 2 is associated with the string (FULL SA NAME) in the PRINTER BANNERS encodings.
Example 4–2 Sensitivity Labels WORDS Associated With PRINTER BANNERS Definitions
SENSITIVITY LABELS: WORDS: . . . name= SB; minclass= TS; compartments= 3-5; name= SA; minclass= TS; compartments= 2; |
For a sample PRINTER BANNERS planner, see Planning the Printer Banners in a Worksheet.
Specifying Channels
The CHANNELS section in the label_encodings file defines the lines that can appear below the PRINTER BANNER lines on the lower third of the banner and trailer pages. The CHANNELS section can be specified to print a string whenever the label of a print job contains a certain compartment.
Commercial sites can customize the text in the CHANNELS section with any compartment bit. Figure 4–7 shows a CHANNELS warning on a print job's banner page at a commercial site.
Figure 4–7 Commercial Use of CHANNELS on Banner Page
In U.S. government installations, the channels lines of the banner page conventionally show the warnings that are associated with the compartments of the job's label. Figure 4–8 shows a typical CHANNELS warning on a print job's banner page at a government installation: HANDLE VIA (CH B)/(CH A) CHANNELS JOINTLY.
The following discussion shows how the CHANNELS string HANDLE VIA (CH B)/(CH A) CHANNELS JOINTLY is specified for a job whose label includes the compartment words A and B. For the purpose of the example, only (CH A) and (CH B) apply. However, since the compartment bit for a third channel (CH C) is included in their definitions, (CH C) is also mentioned in this discussion.
The example illustrates these features:
-
Two compartment bits are associated individually with one set of words and together with another set of words
-
A third compartment bit is included with the encodings for the first two bits
-
One suffix is defined for whenever any combination of one or more channel words is in the label
-
Another suffix is defined for when a single channel word is in the label
-
A third suffix is defined for when more than one channel word is in the print job's label
Figure 4–8 U.S. Government Use of CHANNELS Specification on Banner Page
As shown in the following example, two suffixes CHANNELS JOINTLY and CHANNELS ONLY and a prefix HANDLE VIA are defined.
Example 4–3 Suffixes and Prefixes in the CHANNELS Section in a Government label_encodings File
CHANNELS: WORDS: name= CHANNELS JOINTLY; suffix; name= CHANNELS ONLY; suffix; name= HANDLE VIA; prefix; |
After the prefixes and suffixes are defined as in Example 4–3, the channel names (CH A), (CH B), and (CH C) are specified in two different ways to achieve the following results:
-
Whenever any one of the three compartment bits associated with channels is in the label, the HANDLE VIA: prefix is printed.
-
When only one of the three compartment bits associated with channels is in the label, the CHANNELS ONLY suffix is printed after the channel name (CH A), (CH B), or (CH C).
-
When more than one compartment bit that is associated with channels is in the label, the prefix is followed by the channel names separated by a slash (/). This channel name is then followed by the CHANNELS JOINTLY suffix.
The first three lines that define CHANNELS words in Example 4–3 are repeated in Example 4–4. The second examples focuses on how (CH A), (CH B), and (CH C) are encoded to appear with the CHANNELS ONLY suffix:
-
(CH A) is encoded with bit 0 on and bits 1 and 6 explicitly set to off using the tilde (~): 0 ~1 ~6
-
(CH B) is encoded with bit 1 on and bits 0 and 6 explicitly set to off using the tilde (~): ~0 1 ~6
-
(CH C) is encoded with bit 6 on and bits 0 and 1 explicitly set to off using the tilde (~): ~0 ~1 6
Example 4–4 CHANNELS ONLY Suffix That Appears Alone with Individual Channels
CHANNELS: WORDS: name= CHANNELS JOINTLY; suffix; name= CHANNELS ONLY; suffix; name= HANDLE VIA; prefix; name= (CH A); prefix= HANDLE VIA; suffix= CHANNELS ONLY; compartments= 0 ~1 ~6; name= (CH B); prefix= HANDLE VIA; suffix= CHANNELS ONLY; compartments= ~0 1 ~6; name= (CH C); prefix= HANDLE VIA; suffix= CHANNELS ONLY; compartments= ~0 ~1 6; |
The first three lines of channel name definitions in the CHANNELS section that is shown in Example 4–4 have the following results:
-
The HANDLE VIA prefix and the CHANNELS ONLY suffix are printed when one of the words that is associated with bits 0, 1, and 6 elsewhere in the label_encodings is in the job's label
-
The HANDLE VIA prefix and CHANNELS ONLY suffix are printed:
-
With (CH A) when compartment bit 0 is turned on in the label and compartment bits 1 and 6 are off
-
With (CH B) when compartment bit 1 is turned on in the label and compartment bits 0 and 6 are off
-
With (CH C) when compartment bit 6 is turned on in the label and compartment bits 0 and 1 are off
The last three lines that define CHANNELS WORDS in Example 4–4 are repeated in Example 4–5. The repetition shows how (CH A), (CH B), and (CH C) are encoded to appear with the CHANNELS JOINTLY suffix when more than one of the words associated with bits 0, 1, and 6 is in the job's label. A slash is inserted between the channels names when more than one of the bits defined in the channels section is in the job's label.
-
Example 4–5 Encodings for More Than One Channel in CHANNELS Section in Government Encodings File
name= (CH A); prefix= HANDLE VIA; suffix= CHANNELS ONLY; compartments= 0 ~1 ~6; name= (CH B); prefix= HANDLE VIA; suffix= CHANNELS ONLY; compartments= ~0 1 ~6; name= (CH C); prefix= HANDLE VIA; suffix= CHANNELS ONLY; compartments= ~0 ~1 6; name= (CH C); prefix= HANDLE VIA; suffix= CHANNELS JOINTLY; compartments= 6; name= (CH B); prefix= HANDLE VIA; suffix= CHANNELS JOINTLY; compartments= 1; name= (CH A); prefix= HANDLE VIA; suffix= CHANNELS JOINTLY; compartments= 0; |
The CHANNELS specification in Example 4–5 illustrates the importance of order when compartments are being encoded. The first three lines handle the cases when only one of the channels compartment bits is turned on, so the last three lines can handle cases when more than one bit is turned. Therefore, none of the last three lines need to have any compartment bits explicitly set to 0. The result of these last three lines is that the suffix CHANNELS JOINTLY is always printed when any of two or more of the three compartment words that are associated with the channels is in the label.
-
(CH C) is printed with CHANNELS JOINTLY when bit 6 is turned on, and either of bit 0 or 1 or both are also turned on.
-
(CH B) is printed with CHANNELS JOINTLY when bit 1 is turned on, and either of bit 0 or 6 or both are also turned on.
-
(CH A) is printed with CHANNELS JOINTLY when compartment 0 is turned on, and either of bit 6 or 1 or both are also turned on.
The following example shows that compartment bit 6 is associated with the label word CC.
Example 4–6 Label WORDS Associated With Compartment Bit 6
SENSITIVITY LABELS: WORDS: . . . name= CC; minclass= TS; compartments= 6; |
Example 4–7 shows that compartment bit 1 is associated with the sensitivity label word B.
Example 4–7 Label WORDS Associated With Compartment Bit 1
SENSITIVITY LABELS: WORDS: . . . name= B; minclass= C; compartments= 1; |
Example 4–8 shows that compartment bit 0 is associated with sensitivity label word A.
Example 4–8 Label WORDS Associated With Compartment Bit 0
SENSITIVITY LABELS: WORDS: . . . name= A; minclass= C; compartments= 0; |
To sum up, the channels line prints as HANDLE VIA (CH B)/(CH A) CHANNELS JOINTLY because of the following specifications:
-
HANDLE VIA is defined to always appear with any CHANNELS word
-
The sensitivity label has two access-related words, A and B, that are associated with two compartment bits, 0 and 1.
-
Because two of the bits that are defined for CHANNELS words appear in the job's label, the CHANNELS WORDS (CH A) and (CH B) are followed by CHANNELS JOINTLY.
Any string that should print before the channel name is specified as a prefix. Any string that should print after the channel name is specified as a suffix.
For a sample CHANNELS planner, see Planning the Channels in a Worksheet.
Configuring Security Text on Print Jobs (Task Map)
The following task map describes how to format body pages and banner pages with labels.
|
Task |
For Instructions |
|---|---|
|
Print wording on the front page of a printout | |
|
Print handling instructions | |
|
Protect printouts at a higher label than the print job | |
|
Configure printers to label output |
How to Specify the Words in PRINTER BANNERS
Create the strings that appear at the top of the banner page, and at the start of the handling instructions on the bottom of the page.
Before You Begin
You must be in the Security Administrator role in the global zone.
-
Plan the printer banners.
For background information, see Specifying Printer Banners.
For assistance, use Planning the Printer Banners in a Worksheet.
-
Edit the label_encodings file.
Use the Edit Encodings action.
-
Modify the PRINTER BANNERS section of the file.
-
Create prefixes and suffixes.
These strings are associated with the WORDS in the printer banner lines of banner and trailer pages.
PRINTER BANNERS: WORDS: name= ORCON; prefix;
-
Enter the names of words to associate with any already-defined compartments in sensitivity labels.
You can associate compartments with particular prefixes and suffixes.
name= (FULL SB NAME); compartments= 3; name= (FULL SA NAME); compartments= 2;
-
-
Continue with How to Analyze and Verify the label_encodings File.
How to Specify Handling Instructions
in CHANNELS
Create the strings that state handling instructions on printer banner pages.
Before You Begin
You must be in the Security Administrator role in the global zone.
-
Plan the prefixes and suffixes.
For assistance, use Planning the Channels in a Worksheet.
-
Edit the label_encodings file.
Use the Edit Encodings action.
-
Modify the CHANNELS section of the file.
CHANNELS: WORDS:
-
Enter the prefixes or suffixes.
The WORDS in the CHANNELS lines of banner and trailer pages become prefixes or suffixes.
CHANNELS: WORDS: name= CHANNELS JOINTLY; suffix; name= CHANNELS ONLY; suffix; name= HANDLE VIA; prefix;
-
Enter the names of words to associate with already-defined compartments in sensitivity labels.
You can use the defined prefixes and suffixes.
name= (CH C); prefix= HANDLE VIA; suffix= CHANNELS JOINTLY; compartments= 6; name= (CH B); prefix= HANDLE VIA; suffix= CHANNELS JOINTLY; compartments= 1; name= (CH A); prefix= HANDLE VIA; suffix= CHANNELS JOINTLY; compartments= 0;
-
-
Continue with How to Analyze and Verify the label_encodings File.
How to Set a Minimum Protect As Classification
The minimum protect as classification protects all printer output at the specified minimum classification or above. Site security policy might require this setting if lower-level information must be protected at a higher label.
Before You Begin
You must be in the Security Administrator role in the global zone.
-
Set a minimum protect as classification.
This classification is defined in the ACCREDITATION RANGE section of an encodings file.
-
Continue with How to Analyze and Verify the label_encodings File.
Example 4–9 Minimum Protect As Classification From a label_encodings File
This example shows a minimum protect as classification. This classification is defined in the ACCREDITATION RANGE section of the label_encodings.simple file. With this setting, files that are labeled INTERNAL print with NEED_TO_KNOW on the banner and trailer pages.
minimum protect as classification= NEED_TO_KNOW; |
- © 2010, Oracle Corporation and/or its affiliates