Working with Infosec Levels
Experimental Feature
This feature is experimental and subject to change. We welcome feedback!
Infosec levels are used to describe access control for classified files. The Istari Platform supports the DOD's infosec schema.
Default Level
The default level effects how models, artifacts, and systems which have not been explicitly assigned a value behave.
- The default level can be set at any level up to and including the maximum level.
- In general, we expect models, systems, and artifacts to be assigned an infosec level, and not defer to the default level.
- When the infosec levels feature is enabled for the first time, existing models will inherit the default infosec level.
User Permissions
- All users hold the UNCLASSIFIED infosec level by default.
- An Istari Platform Administrator may grant a higher infosec level to users.
- An unprivileged user cannot view or assign an infosec level that is higher than what has been granted by an Istari Platform Administrator.
Owner and Administrator Exception
Owners and Administrators will maintain access to their files even when those files exceed the specified clearance of the Owner or Administrator.
Assigning Infosec Levels
Users can assign existing models, artifacts, and systems an explicit infosec level.
Users can also upload or create new models, artifacts, and systems and set the infosec level for the file during the upload process.
Classification Constraints
| Resource Type | Constraint |
|---|---|
| Systems | Will not permit the addition of Models or Artifacts which are of higher classification level than the System infosec level. |
| Models | Will not permit setting their derived artifacts at a higher classification level than the model they were sourced from. |