Enabling Experimental Infosec Levels
This feature is in preview and subject to change. We welcome feedback!
Infosec levels are used to describe access control for classified files. The Istari Digital Platform supports two classification schemas:
- United States Department of Defense (
US_DOD) —UNCLASSIFIEDthroughTOP_SECRET_SCI. - Australia (
AUS) —OFFICIALthroughTOP_SECRET.
A schema is chosen once, by an Istari Platform Administrator, when infosec levels are first enabled. The chosen schema cannot be changed afterward.
IT Setup
To enable the experimental infosec level feature, add the following environment variables:
Istari Registry Service
FILE_SERVICE_FEATURE_FLAGS__INFOSEC_ENABLED: "true"
Istari Frontend
VITE_INFOSEC_ENABLED: "true"
Both schemas are available out of the box once these flags are set — no additional configuration is required to make AUS selectable. The schema is selected by the Istari Platform Administrator in the Admin Panel (see below).
Enabling Infosec Levels via Admin Panel
- An Istari Platform Administrator opens Admin → Infosec Levels in the Istari Digital Platform.
- The administrator toggles Enable Infosec Levels.
- The administrator selects the Infosec Schema (
United States DoDorAustralia) from the schema dropdown. - The administrator sets a maximum level and a default level for new resources. The available levels reflect the selected schema.
- The administrator clicks Save Changes to apply the configuration.
Once infosec levels are enabled, both the enabled state and the selected schema are permanent. Neither can be changed afterward. Choose the schema carefully.
Choosing a Schema
United States Department of Defense (US_DOD)
| Order | Level |
|---|---|
| 0 | UNCLASSIFIED |
| 1 | CUI |
| 2 | CONFIDENTIAL |
| 3 | SECRET |
| 4 | TOP_SECRET |
| 5 | TOP_SECRET_SCI |
Australia (AUS)
| Order | Level |
|---|---|
| 0 | OFFICIAL |
| 1 | OFFICIAL:SENSITIVE |
| 2 | PROTECTED |
| 3 | SECRET |
| 4 | TOP_SECRET |
Configuring Maximum and Default Levels
- The maximum and default level can be changed after initial setup.
- The Istari Registry Service rejects attempts to lower the organization maximum below the highest level of any model, artifact, system, or sending connection that already carries a higher classification. The admin UI does not pre-filter the maximum dropdown — the registry service returns an error on save.
- The default level can be set at any level up to and including the maximum level.
Granting Infosec Levels to Users
- All users hold the lowest level of the selected schema by default (
UNCLASSIFIEDforUS_DOD,OFFICIALforAUS). - The Istari Platform Administrator may grant a higher infosec level to individual users.
- An unprivileged user cannot view or assign an infosec level higher than what has been granted by an Istari Platform Administrator.