MIP Usecase Question RRS feed

  • Question

  • Hi. i digged trough the Documentation (MIP SDK) but before getting any further I want to tell you my usecase and ask if anyone of you did something similar and if it worked. Also I am stumbling due to some problems someone of you might have a solution for i just dont get yet. So the usecase is:

    A file is labeled by User A or by an automated algo A as highly classified. User B (CEO) is allowed to read and change this file. User C (Customer) ist not, but User B wants to send and make it readable for user C. So User B needs to change the label even though he himself did not create or label the file. In my understanding this is possible as files can be downgraded or the label changed/deleted. The first question here is, if in the profiles class I can make settings so that User B has a role the always allows him to change labels the way he wants also if he is not the owner of the file.

    So now there are some problems. If User B changes the label so that User C is able to read or even change the file, all other users that have access to the downgraded label can now access the file as well. Thats of course not intended as it is still highly classified and the CEO only wants that one external user to read the file (besides the users that are allowed to read highly classified files). So I have some ideas that might work and I wanna talk about:

    • the file gets a second label (temporary unclassified or so) that can be accessed by external users. Problem. also other externals can see it. -->bad solution
    • the file gets a second, custom label, but access to this label is only granted for User C. This seems by far the safest solution, but if possible I want all changes to be made within office/exchange (change label, define mailadress of User C that has access). So question two: is it possible to attach such custom labels that are bound to a specific address?  Is that possible without installing/building custom software? Is it even possible to attach two different labels?
    • downgrade the label by User B (if that can be allowed for User B if he is not the owner of the file). Disadvantage: Other users that can access this downgraded label can access this file as well. -->bad solution
    • downgrade the label for a copy of the file and leave the original file with the high classification. The file with the downgraded label can only be accessed by User B. This solution would kick in if it is not possible to set a second label.
    • access file via a token. User B generates a token that is sent to User C and gains him access to the file, independant from the classification of the file. As tokens can be generated (also by a non admin, but by User B if has the appropriate role?) this would be the best solution. Best case it works easy for the CEO to generate the token for User B.

    Thanks for taking time to read all this and maybe there are answers, if those ideas would work or maybe you have other solutions.

    Tuesday, August 18, 2020 8:07 AM