An Improved Method of Access Control Based on BLP Model in MILS

MILS (Multiple Independent Levels of Security) is a high-assurance architecture that protect different security levels information sharing. In order to provide guarantee for a variety of information sharing security, MILS allow software components that have multiple security levels or multiple data domain to run on a single processor. But in specific applications, in order to achieve multiple information interaction and sharing between partitions, the problem of which illegal authorization, unauthorized access and malicious disclosure of sensitive information between different levels of applications will be introduced. From the point of information flow control, the paper put forward a model and method of information flow security control strictly between MILS partitions based on trusted computing. We designed a model based on BLP and access control model of state transition strategy, the policies break the traditional BLP model rules " read down, write up", which meet the needs of the security level for subjects and objects according to the changes of task requirements in MILS. After analyzing, the model can efficaciously protect confidentiality and integrity of the sensitive information, and improve the dependability of the whole system.