Multi-level security for service-oriented architectures

Abstract

Multi-level security (MLS) is a well-established and thoroughly studied approach towards security. Service-oriented architectures are emerging in the commercial world and promise increased flexibility and better interoperability. While both concepts have substantial merit, there is no well-established approach for combining both. In this paper, we propose a conceptual design for MLS in a service-oriented architecture and describe how the conceptual design can be realized in today's defense networks that are structured into mutually isolated network zones with different confidentiality classifications.