Trusted Extensions extends the Solaris OS by restricting access to information based on the sensitivity of the information. Processes, files, desktop components, and network communications are assigned labels such as PUBLIC and RESTRICTED. The Trusted Extensions policy is based on the following concepts.
• Capabilities that in most UNIX environments are assigned to superuser are available to discrete administrative roles.
• In addition to UNIX permissions, access to data is controlled by special security tags. These tags are called sensitivity labels. Labels are assigned to users, processes, and objects such as data files and directories.
• Users can be cleared to operate in a multilevel desktop environment. ...