Trusted Extensions Login Process

The login process on a system that is configured with Trusted Extensions is similar to the login process for the Solaris OS. However, in Trusted Extensions, you examine several screens for security-relevant information before the desktop session can be started. The process is described in more detail in the sections that follow. Here is a brief overview.

1. Desktop choice – As in the Solaris OS, you choose which desktop to use. In Trusted Extensions, you must choose the Solaris Trusted Extensions (GNOME) desktop.

2. Identification – As in the Solaris OS, you type your username in the Username field.

3. Authentication – As in the Solaris OS, you type your password in the Password field.

   Successful completion of identification and authentication confirms your right to use the system.

4. Message checking and session type selection – You examine the information in the Last Login dialog box. This dialog box displays the time you last logged in, any messages from the administrator, and the security attributes of your session. If you are permitted to operate at more than one label, you can specify the type of session, single-level or multilevel.

   ---

   Note - If your account restricts you to operate at one label, you cannot specify the type of session. This restriction is called a single-level or single-label configuration. For an example, see Session Selection Example.

   ---

5. Label selection – In the label builder, you choose the highest security level at which you intend to work while in your session.

---

Note - By default, remote login is not supported for regular users in Trusted Extensions. If remote login is supported by your site, check with your administrator for the procedure.

---

Desktop Choice Before Login

When a Solaris workstation is not in a work session, it displays the login screen. The Trusted Extensions login screen is similar to the Solaris login screen. As in the Solaris login screen, you can choose a desktop from the Options menu.

Identification and Authentication During Login

Identification and authentication during login are handled by the Solaris OS. The login screen initially contains the Username prompt. This part of the login process is referred to as identification.

After you have entered the username, the password prompt is displayed. This part of the process is referred to as authentication. The password authenticates that you are indeed the user who is authorized to use that username.

A password is a private combination of keystrokes that validates your identity to the system. Your password is stored in an encrypted form and is not accessible by other users on the system. It is your responsibility to protect your password so that other users cannot use it to gain unauthorized access. Never write down your password or disclose it to anyone else because a person with your password has access to all your data without being identifiable or accountable. Your initial password is supplied by your security administrator.

Review Security Attributes During Login

The review of security attributes is handled by Trusted Extensions, not by the Solaris OS. Before login is complete, Trusted Extensions displays the Last Login dialog box. This dialog box provides status information for you to review. You can review past information, such as when the system was last used by you. You can also review the security attributes that are in effect for the upcoming session. If your account is configured to operate at more than one label, you can select a single-level or a multilevel session.

You then view your single label, or choose a label and clearance from the label builder.