Security Label  

A security label is a collection of attributes associated with an MHS message or entity which permits its classification in terms of a security level. The security label attributes include:

a security policy identifier

which identifies the security policy with which the security label is associated,

a printable privacy mark

which identifies the level of privacy to be afforded a message or report (e.g., ``In Confidence'', ``In Strictest Confidence''),

a security classification

which classifies a message or report for security purposes (e.g., ``Unclassified'', ``Confidential'', ``Top Secret''),

a set of security categories

which restricts the context of the privacy mark, the security classification, or both. The categories are application-defined, and may include codewords or caveats to the privacy mark or security classification (e.g., ``Personal-'', ``Staff-'', ``Commercial-'').

Security labels may be transferred in MHS messages and reports, conveyed during the association establishment between two MHS entities (e.g., a UA may transfer security labels when connecting to its MTA), or registered with MHS entities (e.g., an MTA may maintain a registry of security labels for its users).