CREATE SECURITY LEVEL

Use the CREATE SECURITY LEVEL command to create a security level, giving it a name and a value.

Synopsis

Syntax for creating a security level:
CREATE SECURITY LEVEL <level-name> VALUE <level-number>

Inputs

The CREATE SECURITY LEVEL command has the following inputs:
Table 1. CREATE SECURITY LEVEL inputs
Input Description
<level_name> An identifier for the level name. The name must be unique among security level names. Due to the total size limitation of the system security label field, use short level names. For compatibility with other vendors, do not use delimited identifiers, but use only ASCII characters, and limit name length to 30 characters.
<level_number> A positive integer level value 1 - 32766. Higher levels are more secure; lower values are less secure.

Outputs

The CREATE SECURITY LEVEL command has the following outputs:
Table 2. CREATE SECURITY LEVEL outputs
Output Description
CREATE SECURITY LEVEL The message that the system returns if the command is successful.
ERROR: permission denied. You must have Manage Security privilege to create a security level.
ERROR: level number <number> already exists. The specified level number exists. A level number can only have one name.
ERROR: level number <number> is out of range. The level number must be 1 - 32766. Level number 0 is pre-defined by the system as level PUBLIC. Level number 32767 is pre-defined by the system as level OMNI. Negative level numbers are not allowed.
ERROR: object <level-name> already exists. The level name must be different from all other security level names.

Description

This command creates a security level of the given name. The security manager must carefully allocate level numbers. It is recommended to leave gaps between levels so that a level can be added if needed later.

Privileges required
You must have Manage Security privilege to create security levels.
Common tasks
Use the CREATE SECURITY LEVEL command to update the system catalog to add the new object, and update the security level name to value mapping.

Usage

The following provides sample usage:
CREATE SECURITY LEVEL SECRET VALUE 99;