When you create a marking set, you define a set of values
for the marking. Each marking value can then be applied to an entity
such as a folder and a document. In order to access that entity,
you must also be assigned access to that marking.
Users can access an entity if they meet the criteria that is set
by the instance security and the marking value. You must decide which
security markings set you want to apply to your entities. An entity
can inherit a security markings value or can have a security markings
value that is directly assigned to it, such as a Confidential security
category. Security markings allow a user with a Records Manager or
Records Administrator role to define the security for a record category.
This security markings value is automatically set for all folders
and records that are associated with that category.
- In FileNet® P8, you create
a marking set. You assign values such as Secret or Confidential. Then, you assign users and groups to these
marking values. For example, the auditor group might have access to
secret marking sets.
- For your entities, a property is associated with the marking,
and you select one of the marking values for each entity. For example,
when you create a record in a class with the security classification
marking, you might select Top Secret for a particular
document as the value for the property. Consequently, only users that
are assigned the Top Secret marking can view that document.
Marking sets that you create are applicable to the entire FileNet P8 domain. Therefore, after
you create marking sets for a FileNet P8 domain, the markings are available to all object stores
in that domain.
The following marking sets are created for the
FileNet P8 domain on the
Content Engine server or
Content Platform Engine server. These marking
sets are created when you run the appropriate task in Configuration
Manager. You can optionally assign users and groups to the security
levels that are listed in the Contains column in the following table.
Table 1. IBM Enterprise
Records marking setsMarking set name |
Contains |
Applicable data model |
Security Categories DoD Classified |
- Top Secret
- Secret
- Confidential
- Unclassified
|
DoD Classified |
Prevent RM Entity Deletion |
- Prevents users who do not have the Records Administrators or Records
Manager role from deleting record categories, record folders, or records.
|
DoD, DoD Classified, and Base |
Supplemental Marking |
- (PRO and DoD) Does not contain any markings.
- You can create markings in this set to meet your application-specific
requirements.
- (DoD Classified) Prepopulates the following markings:
- Restricted Data
- Formerly Restricted Data
|
DoD, DoD Classified, and PRO (deprecated) |
Prevent RM Entity Deletion PRO |
- Prevents users who do not have the Records Administrators or Records
Manager role from deleting record categories, record folders, or records.
|
PRO (deprecated) |
Security Categories |
- Top Secret
- Secret
- Confidential
- Restricted
- Unclassified
|
PRO (deprecated) |