Oracle Solaris Trusted Extensions Label Administration

Encoding the Accreditation Range

The combination constraints from Table 6–3, and the minimum clearance, minimum sensitivity label and minimum protect as classification from Planning the Minimums in an Accreditation Range are encoded in the ACCREDITATION RANGE: section in the following example. PUBLIC and INTERNAL_USE_ONLY are defined to never appear in a label with any compartment. NEED_TO_KNOW is defined to appear in a label with any combination of compartments. REGISTERED is defined to appear with no compartments.

Example 6–10 SecCompany ACCREDITATION RANGE Section


classification= PUBLIC; only valid compartment combinations:


classification= INTERNAL_USE_ONLY; only valid compartment combinations:


classification= NEED_TO_KNOW; all compartment combinations valid;

classification= REGISTERED; only valid compartment combinations:


minimum clearance= PUBLIC;
minimum sensitivity label= PUBLIC;
minimum protect as classification= PUBLIC;