首页>
外国专利>
MULTI-LEVEL SECURITY SYSTEM FOR ENABLING SECURE FILE SHARING ACROSS MULTIPLE SECURITY LEVELS AND METHOD THEREOF
MULTI-LEVEL SECURITY SYSTEM FOR ENABLING SECURE FILE SHARING ACROSS MULTIPLE SECURITY LEVELS AND METHOD THEREOF
展开▼
机译:跨多个安全级别启用安全文件共享的多级安全系统及其方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A multi-level security system includes a storage medium partitionable into a plurality of partitions, a file system coupleable to the plurality of partitions, and a plurality of enclaves. Each enclave is assigned a security classification level. Each enclave resides in a different storage partition of the storage medium. Data stored on the storage medium is cryptographically separated at rest on a per-enclave basis. Cryptographic separation occurs at the disk block level, allowing individual blocks to be read and decrypted. The system also includes a reference monitor that enforces a system security policy that governs access to information between the enclaves. The reference monitor allows an enclave having a first classification level to securely read-down to an enclave having a second classification level lower than the first classification level and to write to another enclave having the first classification level.
展开▼