You are hereMultilevel Security

Multilevel Security


Multilevel Security is a Mandatory Access Control (MAC) policy designed to control the flow of information between subjects based upon their trustworthiness. In general information is allowed to flow from less trustworthy subjects to more trustworthy subjects.

 

Subjects are assigned labels that represent their trustworthiness while objects are assigned labels that represent their sensitivity. These labels are used along with fixed Bell-La Padula rules to control operations. In general, Bell-La Padula rules allows subjects to read objects at lower labels and update objects at their label.

 

The simple and static nature of the Bell-La Padula rules provides the potential for a higher assurance of correctness as compared to more complex and dynamic security policy models.

 

Trusted RUBIX fully integrates the Multilevel Security policy into its DBMS, labeling all DBMS objects and controlling access to all SQL operations. In addition, Trusted RUBIX fully integrates with the Multilevel Security policy of the underlying operating system, providing coherent total-system security behavior.

 

For more detailed information about Trusted RUBIX Multilevel Security please see the links below or see the Trusted RUBIX MLS White Paper.