IBM Enterprise Records, Version 5.1.2   

Security markings for your entities

When you create a marking set, you define a set of values for the marking. Each marking value can then be applied to an entity such as a folder and a document. In order to access that entity, you must also be assigned access to that marking.

Users can access an entity if they meet the criteria that is set by the instance security and the marking value. You must decide which security markings set you want to apply to your entities. An entity can inherit a security markings value or can have a security markings value that is directly assigned to it, such as a Confidential security category. Security markings allow a user with a Records Manager or Records Administrator role to define the security for a record category. This security markings value is automatically set for all folders and records that are associated with that category.

Marking sets that you create are applicable to the entire FileNet P8 domain. Therefore, after you create marking sets for a FileNet P8 domain, the markings are available to all object stores in that domain.

The following marking sets are created for the FileNet P8 domain on the Content Engine server or Content Platform Engine server. These marking sets are created when you run the appropriate task in Configuration Manager. You can optionally assign users and groups to the security levels that are listed in the Contains column in the following table.
Table 1. IBM Enterprise Records marking sets
Marking set name Contains Applicable data model
Security Categories DoD Classified
  • Top Secret
  • Secret
  • Confidential
  • Unclassified
DoD Classified
Prevent RM Entity Deletion
  • Prevents users who do not have the Records Administrators or Records Manager role from deleting record categories, record folders, or records.
DoD, DoD Classified, and Base
Supplemental Marking
  • (PRO and DoD) Does not contain any markings.
  • You can create markings in this set to meet your application-specific requirements.
  • (DoD Classified) Prepopulates the following markings:
    • Restricted Data
    • Formerly Restricted Data
DoD, DoD Classified, and PRO (deprecated)
Prevent RM Entity Deletion PRO
  • Prevents users who do not have the Records Administrators or Records Manager role from deleting record categories, record folders, or records.
PRO (deprecated)
Security Categories
  • Top Secret
  • Secret
  • Confidential
  • Restricted
  • Unclassified
PRO (deprecated)


Feedback

Last updated: November 2013
frmpp046.htm

© Copyright IBM Corporation 2013