1. Field of the Invention
The present invention relates to TDM and TDMA communications systems or networks that can provide multiple levels of security (MLS).
2. Discussion of the Known Art
Present secure communications systems, whether for military, industrial, commercial, or private use, typically require separate physical sub-systems for each security level supported, depending upon the kind of information to be communicated and the parties involved in the communications. Different levels of security are defined, for example, in DOD 5200.28-STD entitled Department Of Defense Trusted Computer System Evaluation Criteria (December 1985). In broad terms, the security levels are characterized by four divisions, namely, Divisions A to D. Division A is the highest level of protection and is known as Verified Protection. The next level, Division B, is Mandatory Protection; followed by Division C, Discretionary Protection; followed by the lowest level, Division D, Minimal Protection.
The above DOD Standard also provides mandatory access control requirements for the different levels of security. Particularly in the military, the DOD, and governmental agencies such as NASA, hierarchical mandatory access control is required. Moreover, hospitals and commercial companies may require non-hierarchical mandatory access control to be maintained for their information or materials.
U.S. patent application Ser. No. 10/837,790, filed May 3, 2004, titled Method and Apparatus Providing Multiple Single Levels of Security for Distributed Processing in Communication Systems and assigned to the assignee of the present application and invention, describes the use of multiple single levels of security (MSLS) in the Joint Tactical Radio System, known under the acronym JTRS. Prior MSLS systems required involved security certifications and typically had inadequate networking capability. Accordingly, the inventors of the '790 application recognized the need for an MSLS system capable of meeting all the security requirements for such systems, as well as permitting the distribution of secure intelligence and information with minimal security certification efforts and providing networking functionality between channels operating with the same security label.
Specifically, the '790 application discloses a communications system wherein a physical switch provides multiple single levels of security. In the disclosed system, however, all switching is centralized, and separate cables must be run between a central control location and all the individual ports and channels of the system. It would therefore be more efficient and economical if all the ports and channels of the system could be connected using only a single cable. The system of the '790 application also requires physical separation of signals, thus limiting the number of possible connections to the available routing resources. It would therefore be desirable to use bandwidth resources instead, thus allowing for a larger number of interconnects in the same resource space.