TY  - JOUR
AB  - Purpose– The purpose of this paper is to propose and describe a concept for multilevel security (MLS) that may be advantageous in information systems with a limited number of security levels. The concept should also adapt to information systems with limited capacities.Design/methodology/approach– Assuming that confidentiality, integrity and availability are mutually independent security attributes of a generic information object, security requirements are modelled as a multidimensional vector space. Each axis represents one dimension of security. An axis is divided into an arbitrary number of levels. The paper shows how rules from the classic MLS models may enforce one‐directional information flow simultaneously and independently along each axis. By controlling flow this way, insecure or undefined states cannot be reached.Findings– Handling different MLS properties independently enables an effective verification algorithm based on simple logical or binary operations. Verification of rights can be executed within a few clock cycles.Research limitations/implications– Future research includes formal in‐depth studies of potential applications in databases, sensor information, operating systems and communication networks.Practical implications– Simple logical port circuits may implement the proposed verification method. The method is well suited for tamper proof devices immune to software‐based attacks.Originality/value– The paper describes a MLS concept that combines dimensions of security, like confidentiality, integrity and availability. The concept intends to be a “light‐weight” alternative to classic MLS models.
VL  - 16
IS  - 5
SN  - 0968-5227
DO  - 10.1108/09685220810920521
UR  - https://doi.org/10.1108/09685220810920521
AU  - Winjum Eli
AU  - Kjetil Mølmann Bjørn
PY  - 2008
Y1  - 2008/01/01
TI  - A multidimensional approach to multilevel security
T2  - Information Management & Computer Security
PB  - Emerald Group Publishing Limited
SP  - 436
EP  - 448
Y2  - 2024/04/16
ER  -