Labeled Files and Multilevel File Systems

Labeled files are files that your organization labels due to the sensitivity of their contents. Labeled files are in labeled file systems. Another name for a labeled file system is a multilevel file system.

Labeled file systems can have stricter requirements for encryption, auditing, and other security processes. The auditing of access to sensitive files is part of due diligence. The audit record includes both the label of the file and clearance of the active process. The audit service enables you to specify that file-read events are audited for labeled files only.

Labeled file systems complement encryption. Labeling protects data in mounted file systems, while encryption protects data in unmounted file systems, so archived labeled file systems should be encrypted.

By default, all file systems are unlabeled. In a multilevel file system, files can inherit their label from their directory or be assigned a label explicitly by a user whose process dominates the file label. No privilege can override the access policy specified by a label. You must be an administrator to create a labeled file system.

A user's clearance controls whether they can access a labeled file, upgrade or downgrade a file label, archive a multilevel file system, or restore it. The files that the user is operating on must be within the user's clearance. DAC permissions control whether the user can read, write, or execute the file. Note that discretionary access control (DAC) applies to all labeled files.