Present communications systems, typically bidirectional communications systems, whether for military, industrial or commercial use, or for use between private individuals, typically require separate physical systems for each security level supported. The requirements depend upon the types of information being communicated, and upon the parties involved in the communication.
Different levels of security are defined in DOD 5200.28-STD, entitled “Department Of Defense Trusted Computer System Evaluation Criteria,” dated December 1985. In broad terms, the criteria are characterized by four divisions, namely, “A, B, C and D”. Division A is the highest protection, and is known as “Verified Protection.” The next level is “Division B: Mandatory Protection”; followed by “Division C: Discretionary Protection”; followed by the lowest level “Division D: Minimal Protection.” DOD5200.28-STD also provides the mandatory access control requirements for these levels of security.
Particularly in the military field, including the armed forces and DOD, and governmental agencies such as NASA, and many others, hierarchical mandatory access control is required. Similarly, hospitals and commercial companies, for example, may require non-hierarchical mandatory access control to be maintained for their information or material.
Prior U.S. patent application Ser. No. 10/837,790, filed May 3, 2004, entitled “METHOD AND APPARATUS PROVIDING MULTIPLE SINGLE LEVELS OF SECURITY FOR DISTRIBUTED PROCESSING IN COMMUNICATIONS SYSTEMS”, and assigned to the assignee of the present invention, describes the use of Multiple Single Levels of Security (MSLS) in the Joint Tactical Radio System, known under the acronym JTRS. The known MSLS systems require involved security certifications, and typically have inadequate networking capability. Accordingly, the inventors of the prior application recognized that there was a need in the art for a MSLS system capable of meeting all of the security requirements of such systems, in addition to permitting the distribution of intelligence or secure information or material in a manner minimizing security certification efforts, while providing networking functionality between channels operating with the same security label. They further recognized that there was a need for such MSLS records and apparatus not only for JTRS systems, but also for use in any applicable communications system requiring MSLS. The prior application thus discloses a system wherein a physical switch provides multiple single levels of security. However, in the system disclosed in the prior application, all switching was centralized and required that separate cabling be run from the central control to all the individual ports and channels of the communications system. The inventors of the present system have recognized that it would be more efficient and economical if only a single cable was used to connect all the ports and channels of the communications system. Also, the prior invention required physical separation of signals, limiting the number of possible connections to the available routing resources. It would therefore be desirable to use bandwidth resources instead, allowing for a larger number of interconnects in the same resource space.