Multilevel security (MLS) is a technology to protect secrets from leaking between computer users when some are allowed to see those secrets and others are not. This is generally used in defense applications (the military and intelligence communities) since nobody else is nearly as paranoid about data leaking. A modern wrinkle on this is called cross domain systems (CDS), in which we speak of domains instead of levels and the data is usually shared across computer networks instead of on individual computers.
Personally, I was introduced to MLS through my work on the LOCK trusted computing system in the early 1990s.
Note that some people like to spell it "multi-level security." I think the term is old enough that we can omit the hyphen.
Several years ago I was at a workshop sponsored by the Air Force to develop some new directions for information systems improvements. The workshop included both "end user" representatives from the Air Force and "R&D" representatives from laboratories and government contractors.
Discussions on MLS capabilities became rather heated. One vendor representative from the security working group declared the following in a plenary session:
"Don't ask for MLS. We've tried to give you MLS, but in fact you've never really wanted it or used it. But please, tell us what you do want!"
A voice in the back shouted, "MLS!"
That little incident reflects an important fact about MLS: it's an overloaded term that describes both an abstract security objective and a well-known mechanism that is supposed to achieve that objective, more or less. In her well-known paper on software safety, Nancy Leveson criticizes this type of labeling:
Labeling a technique, e.g., "software diversity" or "expert system," with the property we hope to achieve by it (and need to prove about it) is misleading and unscientific.
Unfortunately, we're stuck with the established terminology, so now we must focus on distinguishing between the two meanings.
This article by Rick Smith is licensed under a Creative Commons Attribution 3.0 United States License.