Fielding secure computer systems requires tradeoffs between functionality, flexibility, and security to meet the users' needs. Multilevel secure (MLS) computer systems provide better control over classified information than traditional systems and allow users from a diverse population access to information they need while protecting sensitive data. Users want the functionality of non-MLS computer systems; graphical user interfaces, a rich assortment of software, and electronic connectivity with other systems. Compartmented mode workstations (CMW) can provide such an environment. An overview of secure system architectures and an example MLS network provide the framework for discussing the risks associated with interconnecting MLS systems and unclassified networks, and approaches for mitigating those risks. A secure Email gateway, using a high-assurance (AI) network component, provides the necessary safeguards for protecting the MLS network from external attacks.
展开▼
