mapping company classification policy to the s/mime security label weston nicolls...
TRANSCRIPT
![Page 1: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/1.jpg)
Mapping Company Classification Policy to the
S/MIME Security Label
Weston Nicolls
S/MIME Working Group MeetingDecember 13, 2000
![Page 2: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/2.jpg)
Telenisus Corporation 2
Purpose
• Informational RFC
• Build on Security Label feature defined in ESS for S/MIME - RFC 2634
• Show how Security Label can used to implement an organizational security policy
![Page 3: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/3.jpg)
Telenisus Corporation 3
3rd Draft
Classification Policies and Examples for:– Amoco Corporation
• General, Confidential, Highly Confidential
– Caterpillar Inc• Public, Confidential Green, Confidential Yellow,
Confidential Red
– Whirlpool Corporation• Public, Internal, Confidential
![Page 4: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/4.jpg)
Telenisus Corporation 4
3rd Draft
Security Categories syntax and examples
Attribute Owner Clearance examples
Privacy Mark examples
![Page 5: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/5.jpg)
Telenisus Corporation 5
Security Category Syntax
SecurityCategories ::= SET SIZE (1..ub-security-categories) OF SecurityCategory
ub-security-categories INTEGER ::= 64
SecurityCategory ::= SEQUENCE {
type [0] OBJECT IDENTIFIER
value [1] ANY DEFINED BY type }
-- defined by type
![Page 6: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/6.jpg)
Telenisus Corporation 6
Security Category SyntaxOne example of a SecurityCategory syntax is
SecurityCategoryValues, as follows. When id-securityCategoryValues is present in
the SecurityCategory type field, then the SecurityCategory value field could take the form of
SecurityCategoryValues as follows:SecurityCategoryValues ::= SEQUENCE OF
UTF8String
![Page 7: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/7.jpg)
Telenisus Corporation 7
Example ESSSecurityLabel:
security-policy-identifier: id-tsp-3security-classification: 9privacy-mark: ATTORNEY-CLIENT PRIVILEGED INFORMATION security-categories: SEQUENCE OF SecurityCategory
SecurityCategory #1 type: id-tsp-4 value: LAW DEPARTMENT USE ONLY
![Page 8: Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls wnicolls@telenisus.com S/MIME Working Group Meeting December 13, 2000](https://reader035.vdocuments.us/reader035/viewer/2022072116/5697bfba1a28abf838ca0322/html5/thumbnails/8.jpg)
Telenisus Corporation 8
Example Clearance Attribute
(passes access control check):Clearance:
policyId: id-tsp-3classList BIT STRING: Bits 0, 1, 2, 9 are set to TRUEsecurityCategories: SEQUENCE OF SecurityCategory
SecurityCategory #1 type: id-tsp-4 value: LAW DEPARTMENT USE ONLY