Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Solaris Trusted Extensions Developer's Guide
Previous Next

Structure of the Experimental Java Label Interfaces

The JNI implementation of the Trusted Extensions label APIs introduces several label-related classes that relate to each other in this way:

  • SolarisLabel abstract class

    • ClearanceLabel subclass

    • SensitivityLabel subclass

  • Range class

SolarisLabel Abstract Class

The SolarisLabel abstract class provides the foundation for common and native methods related to Solaris Trusted Extensions labels. The SensitivityLabel and ClearanceLabel subclasses inherit members from this abstract class. Static factories for creating sensitivity labels and clearance labels are also provided by the abstract class.

Static factories and methods throw exceptions when errors are encountered to ensure that no mandatory access control-related errors occur silently.

This abstract class defines the following general-purpose methods that are used to compare labels and to translate labels to strings:

  • dominates

  • equals

  • setFileLabel

  • strictlyDominates

  • toColor

  • toInternal

  • toRootPath

  • toString

  • toText

  • toTextLong

  • toTextShort

The equals, dominates, and strictlyDominates methods are analogous to the blequal(), bldominates(), and blstrictdom() label APIs currently available with Solaris Trusted Extensions. The setFileLabel method is analogous to the setflabel() routine currently available with Solaris Trusted Extensions.

The rest of the methods (such as toText, toInternal, and toColor) are related in function to the label_to_str() routine that is currently available with Solaris Trusted Extensions. These methods enable you to translate a label to a particular type of string. Depending on the label relationship of the process and the object, you might need privileges in your effective set to translate a label to a human-readable form. For instance, the Java Virtual Machine (JVMTM) process must be running with the sys_trans_label privilege to translate labels that it does not dominate.

The SolarisLabel abstract class also includes the following static factories:

  • getClearanceLabel

  • getFileLabel

  • getSensitivityLabel

  • getSocketPeer

The string that you pass as a label to getSensitivityLabel or getClearanceLabel can be in one of the following forms:

  • Human-readable form of the label, such as PUBLIC

  • Internal form of the label, such as 0x0002-08-08

Only the internal form of the label is suitable for storage and for transmission over a network connection, as the internal form does not reveal the actual label. For more information, see Readable Versions of Labels.

The ClearanceLabel and SensitivityLabel subclasses extend the SolarisLabel abstract class. These subclasses each inherit the common methods provided by the SolarisLabel abstract class.

ClearanceLabel Subclass

The ClearanceLabel subclass extends the SolarisLabel abstract class and defines the getMaximum and getMinimum methods, which return the ClearanceLabel object that represents the least upper bound and the greatest lower bound, respectively.

SensitivityLabel Subclass

The SensitivityLabel subclass extends the SolarisLabel abstract class and defines the getMaximum and getMinimum methods, which return the SensitivityLabel object that represents the least upper bound and the greatest lower bound, respectively.

The SensitivityLabel subclass introduces the following methods that provide information suitable for labeled printer banner pages:

  • toCaveats

  • toChannels

  • toFooter

  • toHeader

  • toProtectAs

Range Class

The Range class represents a Java version of a Solaris Trusted Extensions label range.

This class defines the following general-purpose methods that are used to obtain the upper and lower labels in a label range and to determine whether a label is within a specified label range:

  • getLower

  • getUpper

  • inRange

The Range class also includes the following static factories that create range objects:

  • getDeviceRange

  • getLabelRange

  • getUserRange

The getDeviceRange and getUserRange static factories create range objects based on the range for the specified device and the specified user, respectively. The getLabelRange static factory enables you to create a label range where you specify the upper and lower bounds for the range.

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire