Preface
Labels, clearances, and handling instructions are used to protect information
on a system that is configured with Solaris Trusted Extensions software. The components of
labels, clearances, and handling instructions are specified in the label_encodings file. This guide provides background for creating or modifying
the file. The guide provides examples, and helps you to create and install
a label_encodings file that is appropriate for your site.
Who Should Use This Book
This book is for security administrators. Security administrators are
responsible for defining the organization's labels. Some security administrators
are also responsible for implementing the labels. This book is for definers
and implementers.
Note –
Even though Trusted Extensions can be configured with no visible labels,
labels are always being used. Labels provide mandatory access control (MAC),
and MAC is always enforced. Therefore, the site's label_encodings file
must be in place before any users or roles are created.
Trusted Extensions installs
a default label_encodings file. The security administrator
must provide a file that is appropriate for the site.
The security administrator who implements the labels should be familiar
with Solaris administration. The necessary level of knowledge can be
acquired through training and documentation. For details, see Documentation, Support, and Training.
How the Solaris Trusted Extensions Books Are
Organized
The Solaris Trusted Extensions documentation set supplements the documentation for the Solaris 10 5/08 release.
Review both sets of documentation for a more complete understanding of Solaris Trusted Extensions.
The Solaris Trusted Extensions documentation set consists of the following books.
|
Book Title
|
Topics
|
Audience
|
|
Solaris Trusted Extensions Transition Guide
|
Obsolete. Provides
an overview of the differences between Trusted Solaris 8 software, Solaris 10 5/08 software,
and Solaris Trusted Extensions software.
For this release,
the What's New document for the Solaris OS provides an
overview of Trusted Extensions changes.
|
All
|
|
Solaris Trusted Extensions Reference Manual
|
Obsolete. Provides Solaris Trusted Extensions man
pages for the Solaris 10 10/06 and Solaris 10 8/07 releases of Trusted Extensions .
For this release, Trusted Extensions man
pages are included with the Solaris man pages.
|
All
|
|
Solaris Trusted Extensions User’s Guide
|
Describes the basic features of Solaris Trusted Extensions. This book contains
a glossary.
|
End users, administrators, developers
|
|
Solaris Trusted Extensions Installation and Configuration
|
Obsolete. Describes
how to plan for, install, and configure Solaris Trusted Extensions for the Solaris 10 10/06 and Solaris 10 8/07 releases of Trusted Extensions.
|
Administrators, developers
|
|
Solaris Trusted Extensions Configuration Guide
|
Starting with the Solaris 10 5/08 release, describes how to enable and initially configure Solaris Trusted Extensions. Replaces Solaris Trusted Extensions Installation and Configuration.
|
Administrators, developers
|
|
Solaris Trusted Extensions Administrator’s Procedures
|
Shows how to perform specific administration tasks.
|
Administrators, developers
|
|
Solaris Trusted Extensions Developer’s Guide
|
Describes how to develop applications with Solaris Trusted Extensions.
|
Developers, administrators
|
|
Solaris Trusted Extensions Label Administration
|
Provides information about how to specify label components in the label
encodings file.
|
Administrators
|
|
Compartmented Mode Workstation Labeling: Encodings Format
|
Describes the syntax used in the label encodings file. The syntax enforces
the various rules for well-formed labels for a system.
|
Administrators
|
How This Book Is Organized
-
Chapter 1, Labels in Trusted Extensions Software discusses labels-related concepts
for the security administrator who prepares the site's label_encodings file.
-
Chapter 2, Planning Labels (Tasks) provides planning steps for the security administrator who
prepares the site's label_encodings file. This chapter
also describes the encodings files that Trusted Extensions provides.
-
Chapter 3, Making a Label Encodings File (Tasks) describes how to create, customize, and check
the label_encodings file.
-
Chapter 4, Labeling Printer Output (Tasks) describes the labels and handling instructions on printer
output and gives procedures for modifying them.
-
Chapter 5, Customizing LOCAL DEFINITIONS describes the optional LOCAL DEFINITIONS section
of the label_encodings file.
-
Chapter 6, Example: Planning an Organization's Labels models how a site analyzes its label requirements
and creates a label_encodings file.
-
Appendix A, Sample Label Encodings File contains the example of the label_encodings file
from Chapter 6, Example: Planning an Organization's Labels.
Documentation, Support,
and Training
The Sun web site provides information
about the following additional
resources:
Typographic
Conventions
The following table describes the typographic
conventions that are used in this book.
Table P–1 Typographic
Conventions
|
Typeface
|
Meaning
|
Example
|
|
AaBbCc123
|
The names of commands, files, and directories,
and onscreen computer output
|
Edit your .login file.
Use ls -a to
list all files.
machine_name% you have
mail.
|
|
AaBbCc123
|
What you type, contrasted with onscreen
computer output
|
machine_name% su
Password:
|
|
aabbcc123
|
Placeholder: replace with a real name
or value
|
The command to remove a file is rm filename.
|
|
AaBbCc123
|
Book titles, new terms, and terms to
be emphasized
|
Read Chapter 6 in the User's
Guide.
A cache is a copy
that is stored locally.
Do not save the
file.
Note: Some
emphasized items appear bold online.
|
Shell Prompts
in Command Examples
The following table shows the default UNIX® system
prompt and superuser prompt for the C shell,
Bourne shell, and Korn shell.
Table P–2 Shell
Prompts
|
Shell
|
Prompt
|
|
C shell
|
machine_name%
|
|
C shell for superuser
|
machine_name#
|
|
Bourne shell and Korn shell
|
$
|
|
Bourne shell and Korn shell for superuser
|
#
|
PDF로 이 문서 다운로드 (1500 KB)