FileNet P8 Platform, Version 5.2.1            

Marking security: Add, Remove, Use

Marking security consists of the Add marking, Remove marking, and Use Marked Objects.

Add marking and Remove marking

A user with Add rights to a marking can set the property value associated with the marking, if it has not been set. Only those markings to which the user has Add rights will show in the list of marking values available to be set in a property. A user with Remove rights to a marking can remove the marking value.

For example:

  1. A Document has a property associated with a marking set. No value has been specified for the property.
  2. The marking set has markings Red, Blue, and Green.
  3. Alice has Use rights to Red; Use and Add rights to Blue and Use, Add and Remove rights to Green.

    When Alice views the Document properties, she can set the property value to Blue or Green but not Red. If the property was set to Green, she could alter it to be Blue. If the property was set to Blue, Alice would be unable to alter the property's value.

Use Marked Objects

Use right determines whether the presence of the marking on an object constrains access to that object. If the user has Use right to the marking, access to the object will not be constrained.

Effect of use marking on object access

In this example, Alice has the Use Marked Objects access right which lets her bypass the marking. Her access to the object will be evaluated by the object's ACL. Bob does not have Use Marked Objects and therefore will neither see nor have access to the object, regardless of any permissions the object's ACL might grant him.

Markings and marking sets are Content Platform Engine objects, each with a class description:

  • Markings are objects that combine metadata behavior with access control behavior in a way that allows an object's access control to change by changing a property value.
  • Marking sets are containers for markings. Marking sets are associated with a Property Template which can then be used to add a property to one or more classes.


Last updated: October 2015
p8psa060.htm

© Copyright IBM Corporation 2015.