In an MLS environment, after determining if it is necessary to isolate users, data, and resources within the organization, an authorized security administrator can create categories, which are the optional, non-hierarchical elements of security labels. If security labels in your system will contain categories, you must define these records before you can define and assign security labels to users, data sets and resources.
An CA Top Secret CATEGORY Data Record defines a category available in the system. You must define a separate record for each category you want to use in the system.
Important! If you change or delete an existing security label, (for example, Seclabel data record) that has been assigned to users or resources, you may get unexpected results during MLS validation. Before changing or removing a security label from the system, check whether it has been assigned to any users or resources. If it has, confirm that the change or deletion is intended. If it is, make any necessary changes to user acids and MLS resource records that are using the security label. Likewise, if you delete a security level or category that is used in any existing security label, before removing the level or category from the system, confirm that the deletion is intended. If it is, make any necessary changes to existing security labels, and any user acids and MLS resource records that are using the security labels.
The format of this command is:
(Add|List|Remove) Category(category-name)
Specifies the unique, uppercase, alphanumeric name of a category in the system. The category name cannot contain internal spaces. Duplicate categories are not allowed. In addition, the category name may never begin with the letters 'SYS', since this may cause confusion with any existing or future system-defined security labels. This field is required. The maximum number of categories that can be defined is limited only by the size of the database. To change a category, delete the CATEGORY record and add a new one.
Range: 1 to 32 characters
To create a CATEGORY Data Record, enter:
TSS ADD(mls) CATEGORY(humanresources)
TSS ADD(mls) CATEGORY(finance)
TSS ADD(mls) CATEGORY(sales)
TSS ADD(mls) CATEGORY(development)
To view a CATEGORY Data Record, enter:
TSS LIST(mls) CATEGORY(all)
MLS CATEGORY RECORDS CATEGORY = DEVELOPMENT CATEGORY = FINANCE CATEGORY = HUMANRESOURCES CATEGORY = SALES
To delete a CATEGORY Data Record, enter:
TSS REM(mls) CATEOGRY(sales)
|
Copyright © 2010 CA Technologies.
All rights reserved.
|
|