Modeling a secure computer system. Paper
Multilevel Security describes the capability of a computer system or network to process information with different sensitivities. Sensitivities are in this context different security levels and needs-to-know- properties. The multilevel security computer system permits simultaneous access by users with different security clearances and needs-to-know properties. It also prevents users from obtaining access to information for which they lack authorization. Unfortunately, multilevel security computer systems have to fulfill many security restrictions. That leads directly to a decreased usability of the computer system. Therefore, this presentation offers solution ideas for increasing usability of multilevel security computer system. For this, we describe a label based model of multilevel security computer system by using of existing approaches and present the security restrictions of the system. After this, we show the negative influence of these restrictions to the usability of the system by modeling this multilevel security system with a special use case. This use case is the transfer of sensitive data to an unsecured network and the workflow of users with different security levels and needs-to-know properties. We show usability problems and present problem solution approaches to avoid or bypass these usability probelm (e.g. high level security gateways etc.) and we show how these problem solution approaches can be realized e.g. by use of methods from text classification.