Appendix C CMW Labeling Software C1.0 Release Notes, 6/8/93

Release C1.0 is a modification of Release 2.1.1 that incorporates minor bug fixes, portability improvements, and a new functional capability. This appendix is an addendum to the original document.

Overview

The new functional capability is supported for SPECIAL_INVERSE words. SPECIAL_INVERSE words are distinctly different from the inverse words supported by Release 2.1.1 (herein called regular inverse words). Regular inverse words use inverse bits specified in the initial compartments or initial markings associated with one or more classifications. These regular inverse words, typically specified with an ominclass specification, do not appear in human-readable labels below the specified ominclass. In contrast, SPECIAL_INVERSE words use inverse bits specified by a prefix word, and do not appear in human-readable labels unless one or more of the SPECIAL_INVERSE words associated with the same prefix are present in the label.

SPECIAL_INVERSE words can be used to implement the ORiginator CONtrolled (ORCON) handling caveat with organizations to which the ORCON data can be released specified in the label. For example, given that three organizations use a particular system (ORG1, ORG2, and ORG3), the encodings to handle ORCON for these three organizations might look as follows. Only the SENSITIVITY LABELS words are shown in this example.

SENSITIVITY LABELS:

WORDS:

name=ORCON RELEASABLE TO; sname=OR; compartments=1-4; prefix;

name=ORCON; minclass=C; compartments=1-4;
name=ORG1; minclass=C; compartments=~1 4; prefix=OR;
name=ORG2; minclass=C; compartments=~2 4; prefix=OR;
name=ORG3; minclass=C; compartments=~3 4; prefix=OR;

In this example, ORG1, ORG2, and ORG3 are SPECIAL_INVERSE words, each of which requires the prefix ORCON RELEASABLE TO. This prefix specifies compartments bits 1-4. Bit one is for ORG1, bit 2 for ORG2, bit 3 for ORG3, and bit 4, has a meaning of ORCON. If only ORCON RELEASABLE TO ORG1 is present in a label, then bit 1 would be off, and bits 2-4 would be on. If only ORCON RELEASABLE TO ORG2 is present in a label, then bit 2 would be off, and bits 1, 3, and 4 would be on. If only ORCON RELEASABLE TO ORG3 is present in a label, then bit 3 would be off, and bits 1, 2, and 4 would be on. If ORCON RELEASABLE TO ORG1/ORG2 is present in a label, then bits 1 and 2 would be off and bits 3 and 4 would be on, etc. The word ORCON, which dominates the three other words, is not an inverse word. If it appears in a label, the data so labeled is not releasable to any of the three organizations. Note that a label that does not contain any of the above words has bits 1-3 off, and is therefore releasable to all organizations, and has bit 3 off, and is therefore not ORCON data. Thus, with the same words as above for information labels, data with an information label of SECRET ORCON RELEASABLE TO ORG1, when combined with data with an information label of TOP SECRET, would become TOP SECRET ORCON RELEASABLE TO ORG1. SPECIAL_INVERSE words can be specified using markings bits also.

In addition to the changes mentioned above, minor improvements to comments in the code were made. The comment changes are not described below.

Files Changed

1. l_init.c

2. std_labels.c

3. CMW Label Setting Demo.c

4. std_labels.h

Changes to Subroutine Interfaces

The interface to internal subroutine turnoff_word was changed in two ways. First, the flag argument can now be passed as RECURSING, for usage when turnoff_word calls itself. Second, the flag argument can be passed as FORCE_OFF_BY_TURNON_WORD, to indicate that turnon_word is calling turnoff_word to force off a word.

Changes to Encodings File

Prefix words can now accept compartments= and markings= specifications, with meanings as described above. In prior releases, prefix words could accept these specifications, but they were ignored.

Changes to std_labels.h

1. On line 36 (of Release 2.1.1), strings.h was changed to string.h for ANSI compatibility. This change was made in a portion of std_labels.h that vendors are encouraged to change to adapt to their own libraries.

2. Added declarations of l_t3_compartments, l_t3_markings, l_t4_compartments, l_t4_markings, l_t5_compartments, and l_t5_markings.

3. The l_w_type flags SPECIAL_INVERSE and SPECIAL_COMPARTMENTS_INVERSE were defined.

Changes to Subroutines

1. CMW Label Setting Demo.c was changed in Macintosh-specific ways. The changes were in no way related to the usage of the labeling subroutines.

2. In std_labels.c and l_init.c all uncast calls to calloc were cast to (char *).

3. In l_init.c (line 2862 of Release 2.1.1), sl_buffer was changed to cl_buffer.

4. In l_init.c (line 1456 of Release 2.1.1), added a cast of (unsigned int) to a subroutine argument. This cast would be required on some compilers/systems.

5. In l_init.c, added subroutine check_special_inverse. This subroutine is called by do_words to error check and set l_w_type flags for SPECIAL_INVERSE words.

6. In l_init.c, added the allocation of a new set of temporary variables to hold compartments/markings: l_t5_compartments, and l_t5_markings.

7. In l_init.c, changed subroutine check_inverse_words to check new l_w_type SPECIAL_COMPARTMENTS_INVERSE as appropriate.

8. In std_labels.c, in the subroutine word_forced_on, fixed check of comparison or normal compartment to the minimum compartments.

9. In std_labels.c, in the subroutine word_forced_on, added check to cause word_forced_on to ignore SPECIAL_INVERSE words.

10. In std_labels.c, in the subroutine l_parse, added support for SPECIAL_INVERSE words.

11. In std_labels.c, in the subroutine turnoff_word, added algorithms to deal with the special case of SPECIAL_INVERSE words. In particular, turnoff_word was made recursive.

12. In std_labels.c, in the subroutine turnon_word, added algorithms to deal with the special case of SPECIAL_INVERSE words.

13. In std_labels.c, in the subroutine l_valid, added support for SPECIAL_INVERSE words.

Changes to Encodings Specification Error Messages

The following encodings specification error messages have been added:

• In INFORMATION LABELS WORDS, word “XXX”:

  A word that requires a prefix with compartments or markings must specify a subset of the bits in the prefix.

• In SENSITIVITY LABELS WORDS, word “XXX”:

  A word that requires a prefix with compartments or marking must specify a subset of the bits in the prefix.

• In CLEARANCE WORDS, word “XXX”:

  A word that requires a prefix with compartments or markings must specify a subset of the bits in the prefix.

• In INFORMATION LABELS WORDS, word “XXX”:

  A word that requires a prefix with compartments or markings must also specify inverse compartment or marking bits that correspond to bits in the required prefix's compartments or markings.

• In SENSITIVITY LABELS WORDS, word “XXX”:

  A word that requires a prefix with compartments or markings must also specify inverse compartment or marking bits that correspond to bits in the required prefix's compartments or markings.

• In CLEARANCE WORDS, word “XXX”:

  A word that requires a prefix with compartments or markings must also specify inverse compartment or marking bits that correspond to bits in the required prefix's compartments or markings.