|Skip Navigation Links|
|Exit Print View|
|Compartmented Mode Workstation Labeling: Encodings Format Oracle Solaris 11 Information Library|
The CLEARANCES: section specifies the words that make up a human-readable representation of user's clearances, as well as the required combinations and combination constraints on these words. This section is used by the system to convert a human-readable representation of non-classification clearance words into the internal bit-string form, and to translate the internal form to a human-readable representation.
The CLEARANCES: section has a structure identical to the SENSITIVITY LABELS: section. In fact, in most cases, the CLEARANCES: section will be identical to the SENSITIVITY LABELS: section. A separate CLEARANCES: section is provided to add flexibility to the system in case there are any different required combinations or combination constraints on clearances than on sensitivity labels, or if—by convention—clearance compartment names are slightly different than corresponding sensitivity label compartment names.
In all cases, the CLEARANCES: section must associate words with exactly the same compartment bits as the INFORMATION LABELS: and SENSITIVITY LABELS: sections. Moreover, for every word in the SENSITIVITY LABELS: section with associated normal (non-inverse) compartment bits, there can be no word in the CLEARANCES: section whose associated normal compartment bits dominate but do not equal the compartment bits of the sensitivity label word, unless the clearance word is an alias. Also, for each inverse compartment word in the CLEARANCES: section, there must be a corresponding inverse compartment word in the SENSITIVITY LABELS: section whose compartment bits are dominated by the clearance word's compartment bits.
The encodings example in Appendix B, Annotated Sample Encodings illustrates a case where the CLEARANCES: combination constraints are different than the SENSITIVITY LABELS: combination constraints. This example occurs when release compartments are encoded in sensitivity labels. In the Appendix B, Annotated Sample Encodings example, REL CNTRY1 and REL CNTRY2 are treated as release compartments. The meaning of having REL CNTRY1 in a sensitivity label is that the data is releasable to system users whose clearance contains the compartment REL CNTRY1.
In the clearance section, the prefix REL is called NATIONALITY: to indicate that the application of this word in a clearance specifies the nationality of the user. Therefore, the meaning of having REL CNTRY2 in a sensitivity label is that the data is releasable to system users whose clearance contains the compartment NATIONALITY: CNTRY2. The meaning of having REL CNTRY1/CNTRY2 in a sensitivity label is that the data is releasable to system users whose clearance contains either NATIONALITY: CNTRY1 or NATIONALITY: CNTRY2. Therefore, it is perfectly valid for a sensitivity label to contain both REL CNTRY1 and REL CNTRY2.
However, such is not the case for a clearance. The meaning of NATIONALITY: CNTRY1 in a clearance is that the user is a citizen of CNTRY1. Similarly, the meaning of NATIONALITY: CNTRY2 in a clearance is that the user is a citizen of CNTRY2. However, in most systems, it would make no sense for a user to be treated as a citizen of more than one country, so having both NATIONALITY: CNTRY1 and NATIONALITY: CNTRY2 in a clearance would be invalid and is prevented by the clearance combination constraint:
NATIONALITY: CNTRY1 ! NATIONALITY: CNTRY2
Chapter 7, General Considerations for Specifying Encodings discusses some very important considerations concerning the specification of clearances encodings.