Skip to main content
Version: 2026.06

Infosec levels

Availability

Infosec levels appear only when information security classification is enabled for your deployment and turned on by an organization administrator. Contact your platform or IT administrator if Infosec Levels is missing from the admin sidebar. This capability is experimental and may change.

Infosec levels (information security levels) are an optional classification layer on the Istari Digital Platform. When enabled, every Resource, System, and user carries an ordered classification from a fixed schema (for example U.S. DoD UNCLASSIFIED through TOP_SECRET_SCI). The platform uses those levels together with sharing and roles so users can only view or change data at or below their clearance.

Note: In this page, Resource means any registered model or artifact; clearance is the infosec level assigned to a user by an administrator. See Terminology.

Why does it matter?

  • Classification-aware collaboration: Teams working with controlled unclassified information (CUI), export-controlled data, or national-security classifications can keep access aligned with policy, not just org membership.
  • Defense in depth: Infosec levels apply on top of sharing and control tags. A user needs the right role, tags (when used), and clearance before the platform grants access.
  • Visible in the product: Classification appears in banners, badges, upload flows, and content viewers so users always know the sensitivity of what they are handling.
  • Enforced server-side: Clearances and resource levels are stored in the registry service and evaluated in the authorization layer alongside permissions and control tags.

How classification is structured

Schemas

The platform ships with two classification schemas, chosen once when an administrator first enables infosec levels:

SchemaLevels (lowest to highest)
US DoD (US_DOD)UNCLASSIFIED, CUI, CONFIDENTIAL, SECRET, TOP_SECRET, TOP_SECRET_SCI
Australia (AUS)OFFICIAL, OFFICIAL:SENSITIVE, PROTECTED, SECRET, TOP_SECRET

Each level has an order (zero-based, lowest = least sensitive), a display name, and a color used in the Istari Digital web app. The schema and the enabled state cannot be changed after the first save.

Platform, resource, and user levels

Three settings define how classification behaves for an organization:

  • Platform maximum — The highest level any Resource or System in the organization can carry. A colored global banner in the web app shows this ceiling.
  • Default resource level — Applied to new Resources and Systems that have no explicit assignment, and backfilled for existing objects when infosec is first turned on.
  • User clearance — The highest level a user may view or assign. Administrators set this per user; new users start at the schema's lowest level (UNCLASSIFIED or OFFICIAL).

When you assign a level to a Resource, the web app offers only levels at or below the lowest of the platform maximum, the containing System level (when working inside a System), and your personal clearance. Resource Owners and Administrators can change a Resource's level; raising a level can automatically archive remote shares whose partner connection is cleared below the new classification.

Artifacts cannot be classified above their parent model's level.

Enforcement

Infosec checks run as part of every permission decision (view, edit, archive, and sharing management). A user must be a cleared member of the Resource's level and all lower levels in the schema. Resources without an explicit assignment inherit the organization's default level.

Infosec levels work alongside control tags. Sharing grants membership; infosec and tags constrain who actually gets access.

What Istari users see

When infosec is enabled for your deployment and turned on by an administrator:

SurfaceWhat appears
Global bannerOrganization maximum level (read-only)
User menu / ProfileYour personal clearance badge
System and file headersShield icon with the Resource's current level
File details paneClassification row with inline editor (when permitted)
Content viewerClassification banner on previews
Upload dialogPer-file level selector (defaults to the organization default; required before upload)
Admin hubInfosec Levels for platform configuration and user clearance assignment

Key details

  • Deployment gate: IT enables FILE_SERVICE_FEATURE_FLAGS__INFOSEC_ENABLED on the Istari Registry Service and VITE_INFOSEC_ENABLED on the Istari Digital web app before the feature appears in the product.
  • Two-step enable: Deployment flags expose the capability; an organization Administrator must still toggle Enable Infosec Levels in the admin hub and choose schema, maximum, and default — a permanent choice.
  • Cannot disable: Once enabled at the organization level, infosec stays on. Organization Administrators can change maximum and default in the admin hub within the bound schema (the web app requires default ≤ maximum).
  • Max downgrade guard: The Istari Registry Service enforces this at the API when an administrator saves new platform settings — lowering the organization maximum is rejected if any Resource, System, or sending connection already carries a higher level. The admin UI lists every level in the schema; it does not pre-filter the maximum dropdown, so an invalid downgrade surfaces as a save error from the registry service.
  • Applies to: Models, artifacts, systems, and users (clearance). Remote partner sharing respects connection clearance; incompatible shares are archived when classification rises.

How to work with infosec levels

User guide (UI):

Python client (SDK):

Infosec Level, Control Tag, Model, Artifact