An Architecture for Multilevel Secure Interoperability

Myong H. Kang, Judith N. Froscher & Ira S. Moskowitz

As computer systems become distributed and heterogeneous, there is strong movement in the commercial sector to ease the problems of interoperability and security. Many standards have been proposed for these problems. However, the commercial sector has not shown strong interest in providing cost-effective high-assurance multilevel security (MLS) solutions to the relatively small communities (e.g., intelligence, military) that require them.

In this paper, we introduce a practical, cost-effective, and high-assurance secure solution for multilevel distributed and heterogeneous environments using COTS components. The solution is based on an MLS architecture that consists of commercial single-level hardware and software, and a few specialized security devices. We show how an MLS CORBA can be constructed from single-level CORBAs and two security devices; the NRL Pump and Starlight Interactive Link. We also introduce the concept of MLS cooperative computing which is a way to semi-automate distributed computing among organizations at different security levels.