Issue No. 06 - June (1990 vol. 16)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/32.55093
<p>A model is presented that precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network. The mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of nondiscretionary access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the model.</p>
multilevel security; computer networks; security policy; multilevel secure network; entities; security classes; computer systems; network devices; subjects; security clearances; nondiscretionary access control; information flow control; trusted network base; set-theoretic concepts; computer networks; security of data.
M. Sundareshan and W. Lu, "A Model for Multilevel Security in Computer Networks," in IEEE Transactions on Software Engineering, vol. 16, no. , pp. 647-659, 1990.