Lines Matching +full:port +full:- +full:level
12 This Internet Draft provides the high level specification for a Commercial
27 Please check the I-D abstract listing contained in each Internet Draft
46 mandatory access controls and multi-level security. These systems are
88 once in a datagram. All multi-octet fields in the option are defined to be
91 +----------+----------+------//------+-----------//---------+
93 +----------+----------+------//------+-----------//---------+
124 corresponding ASCII representations. Non-related groups of systems may
138 number 1 to represent that same security level. The DOI identifier is used
148 actual security information to be passed. All multi-octet fields in a tag
171 +----------+----------+--------//--------+
173 +----------+----------+--------//--------+
207 This is referred to as the "bit-mapped" tag type. Tag type 1 is included
211 +----------+----------+----------+----------+--------//---------+
213 +----------+----------+----------+----------+--------//---------+
216 TYPE LENGTH OCTET LEVEL CATEGORIES
240 3.4.2.4 Sensitivity Level
297 +----------+----------+----------+----------+-------------//-------------+
299 +----------+----------+----------+----------+-------------//-------------+
302 TYPE LENGTH OCTET LEVEL CATEGORIES
337 3.4.3.4 Sensitivity Level
360 +----------+----------+----------+----------+------------//-------------+
362 +----------+----------+----------+----------+------------//-------------+
365 TYPE LENGTH OCTET LEVEL
400 3.4.4.4 Sensitivity Level
415 assumed to be 0. The ranges MUST be non-overlapping and be listed in
423 the non-optimized form. In addition, a CIPSO implementation MUST be able
449 HOST_LABEL_MAX - This parameter contains the maximum sensitivity label that
467 HOST_LABEL_MIN - This parameter contains the minimum sensitivity label that
474 PORT_LABEL_MAX - This parameter contains the maximum sensitivity label for
475 all datagrams that may exit a particular network interface port. All
479 parameter does not apply to CIPSO hosts that support only one network port.
481 PORT_LABEL_MIN - This parameter contains the minimum sensitivity label for
482 all datagrams that may exit a particular network interface port. All
487 port.
489 PORT_DOI - This parameter is used to assign a DOI identifier value to a
490 particular network interface port. All CIPSO labels within datagrams
491 going out this port MUST use the specified DOI identifier. All CIPSO
495 NET_DOI - This parameter is used to assign a DOI identifier value to a
501 HOST_DOI - This parameter is used to assign a DOI identifier value to a
511 the port and host label ranges.
514 4.1 Port Range Parameters
532 systems then multiple port range parameters would be needed, one set for
533 each DOI supported on a particular port.
535 The port range will usually represent the total set of labels that may
557 lead to non-interoperability or even a security incident. The
559 interoperability and that provide users some level of confidence.
567 All datagrams received through a network port MUST have a security label
569 receiving port. Without this label the host, gateway, or router will not
573 datagrams. This label will be compared against the PORT (if appropriate)
583 outside of the configured host or port label range, the datagram is
622 A network port may be configured to not require a CIPSO label for all
624 assigned to that network port and associated with all unlabeled IP
625 datagrams. This capability might be used for single level networks or
626 networks that have CIPSO and non-CIPSO hosts and the non-CIPSO hosts
648 If the CIPSO system only supports one port, the HOST_LABEL_MIN and the
649 HOST_LABEL_MAX parameters MAY be substituted for the PORT parameters in
664 the administrator. If port level DOI identifier assignment is used, then
666 use. If network level DOI assignment is used, then the NET_DOI parameter
667 MUST contain the DOI identifier to use. And if host level DOI assignment
669 to use. A CIPSO implementation need only support one level of DOI
732 cipso-request@wdl1.wdl.loral.com.