This page allows you to create and view clearances. Once defined, a clearance cannot be deleted, but it can be renamed. You can authorize a user to possess a given clearance from the Security > Clearances page on the User object.
NMAS provides one defined clearance called Multi-level Administrator. This clearance has a Read label of Biometric & Password & Token and a Write label of Logged in. This clearance has rights to read and write to any information on the network.
You can also create additional clearances to meet your company's needs.
When defining a clearance, you need to assign a read label and a write label. A user can read and write to objects whose labels span the same range from read label to write label. The read label must dominate or be equal to the write label. For example, the Password & Token label has a dominance over the Password label. So, you could select the Password & Token label as your read label and the Password label for your write label.
You cannot assign a write label that has a lower dominance to the read label. For example, you could not select the Password label as your read label if you wanted to have the Biometric & Password label as your write label.
Labels that share the same level have equal dominance. For example, Password & Token and Biometric & Password are of equal dominance.
Note: See Chapter 3 Using Graded Authentication in the NMAS Administration Guide for further information on dominance.
Create Clearance
To create a new clearance:
View Clearance
To view a clearance, select a clearance name from the Clearance drop-down list. The assigned read label and write label will appear.