Multilevel security (MLS) refers to the ability of a communication system to handle information with different classifications (e.g., different security levels), permit access by users/applications with different security clearances, and prevent users/applications from obtaining access to information for which they lack authorization. Management of information flow for MLS systems is critical.
Conventional information flow management and mediation techniques for MLS systems generally rely on high assurance custom infrastructures or trusted computing elements (e.g., high assurance separation kernels hosted on evaluated processors) to facilitate all transactions of MLS traffic flows. Trusted computing elements tend to be either low performance or high power, very complex, and high cost, which are especially true when high assurance support is required.