ApoyoConsolaDesarrolladoresIniciar una pruebaContacto

49.6.2. Security Levels, Objects and Subjects

As discussed above, subjects and objects are labeled with Security Levels (SLs), which are composed of two types of entities:
  1. Sensitivity: — A hierarchical attribute such as "Secret" or "Top Secret".
  2. Categories: — A set of non-hierarchical attributes such as "US Only" or "UFO".
An SL must have one sensitivity, and may have zero or more categories.
Examples of SLs are: { Secret / UFO, Crypto }, { Top Secret / UFO, Crypto, Stargate } and { Unclassified }
Note the hierarchical sensitivity followed by zero or more categories. The reason for having categories as well as sensitivities is so that sensitivities can be further compartmentalized on a need-to-know basis. For example, while a process may be cleared to the "Secret" sensitivity level, it may not need any type of access to the project "Warp Drive" (which could be the name of a category).

Note

  1. Security Levels on objects are called Classifications.
  2. Security Levels on subjects are called Clearances.
Thus, objects are labeled with a Classification, while subjects operate with a specific Clearance. Security Levels can have also Ranges, but these are beyond the scope of this introduction.
Red Hat logoGithubRedditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

© 2024 Red Hat, Inc.