Labels and Security Policy
Site security policy is the security policy that an organization sets up
to protect its proprietary information. With Trusted Extensions software, labels and mandatory access
control (MAC) can be part of this policy. Labels implement a set of
rules that is a part of system security policy. System security policy is the set
of rules that is enforced by system software to protect information that is
being processed on the system. The term security policy can refer to policy
or to implementation of the policy.
All systems that are configured with Trusted Extensions have labels. Labels are specified
in a label_encodings file. For a description of the file, see the label_encodings(4)
man page. For descriptions of the encodings files that are delivered with Solaris
Trusted Extensions packages, see Sources for Encodings Files.
Trusted Extensions installs a default version of the label_encodings file. The default version
supplies several commercial labels. This version can sometimes be used in non-production environments
for learning purposes. A site can also customize one of the label encodings
files that are delivered with the Solaris Trusted Extensions packages. For an example
of a site-specific file, see Appendix A, Sample Label Encodings File.
Every computer in the Trusted Extensions network needs its own copy of
the site's label_encodings file. For interoperability, the label_encodings file on every computer in
the network should be compatible. At the very least, each computer should recognize
the labels on every other computer in the network.
Certain types of labels must be defined. The security administrator specifies the numeric
values and the bits that make up the internal representation of labels. Users
and roles see the textual representation of labels. The labeling software translates between
the internal form and the textual form of labels. The label_encodings file provides
the rules for translating the internal representation of labels to their textual strings.
The textual strings can be visible on the desktop. The internal representation is
recorded in the audit trail and is interpreted by the praudit command.
The security administrator is the person who defines and plans the implementation of an
organization's security policy. The security administrator establishes information-protection procedures, makes sure computer users and
administrators are properly trained, and monitors compliance.
The Security Administrator role is created in the software. The role is assigned
to one or more administrators who fully understand Trusted Extensions administration. These administrators
are cleared to view and to protect the highest level of information that
is processed by Trusted Extensions. One of the responsibilities of the security administrator
is to create the site's label_encodings file to replace the version that Sun
installs. The administrator can also decide whether labels are visible on the desktop.
Even when labels are not visible, objects and processes on the system are
labeled, and MAC is enforced.
Trusted Extensions provides the Security Administrator role with the tools and capabilities to
put the organization's security policy into effect. To assume the role, you first
log in as an ordinary user, then assume the role. At your site,
the security administrator who defines the site's security policy might or might not
be the same person who implements the policy.