The present invention relates to a method and apparatus for secure, fast storage and retrieval of data from a storage device (such as a random access memory) without interactive checking. Information storage and retrieval is in accordance with the Bell and LaPadula (BL) security model, and neither interaction with software nor information sensitivity labelling is necessary.
The Bell and LaPadula model defines a subject as an attempting accessor and an object as that to which access is sought. Given a subject's access privilege s and an object's access requirement o, where s and o are members of the same ordered set of sensitivities, the BL model asserts that:
(1) a subject may read an object only where s ≥ o;
(2) a subject may write an object only when o ≥ s; and
(3) a subject may neither read nor write an object when s and o are incomparable.
This last condition is impossible when the set of sensitivities is totally ordered. The BL model is a de facto standard general mathematical model of a secure computer, where secure means acceptably prevented from revealing unauthorized information.
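The three BL rules above can be checked in software as follows. This is an added example, not part of the original text and not the invention's hardware mechanism. It assumes a sensitivity is a level plus a set of compartments, so that incomparable pairs can occur; the level names and compartment names are constructed.

```python
from dataclasses import dataclass
from itertools import combinations

# Constructed level ordering (assumption; the text names no levels).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass(frozen=True)
class Label:
    """A sensitivity: hierarchical level plus a set of compartments."""
    level: str
    compartments: frozenset = frozenset()

def dominates(a: Label, b: Label) -> bool:
    """a >= b: a's level is at least b's and a holds every compartment of b."""
    return (LEVELS[a.level] >= LEVELS[b.level]
            and a.compartments >= b.compartments)

def comparable(a: Label, b: Label) -> bool:
    return dominates(a, b) or dominates(b, a)

def allowed_access(s: Label, o: Label) -> set:
    """Accesses that subject label s may perform on object label o."""
    if not comparable(s, o):      # rule (3): incomparable, no access at all
        return set()
    access = set()
    if dominates(s, o):           # rule (1): read only where s >= o
        access.add("read")
    if dominates(o, s):           # rule (2): write only when o >= s
        access.add("write")
    return access

def totally_ordered(labels) -> bool:
    """True when every pair is comparable, so rule (3) can never fire."""
    return all(comparable(a, b) for a, b in combinations(labels, 2))

if __name__ == "__main__":
    subject = Label("secret", frozenset({"A"}))
    for obj in (Label("confidential"),                      # below the subject
                Label("top_secret", frozenset({"A", "B"})),  # above the subject
                Label("secret", frozenset({"B"})),           # incomparable
                subject):                                    # equal sensitivity
        print(obj, sorted(allowed_access(subject, obj)))
```

With no compartments the labels reduce to the totally ordered case, and `totally_ordered` returns True for any set of them.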
The invention uses a combinatorial electronic device, referred to as a variable range adder (VRA), to automatically modify storage addresses and, thereby, enforce the BL model security standard for write and read access.