Multi-Level Security (MLS) refers to the secure handling of information at different security classification levels by people with different levels of clearance. We propose a structured document format to host data from different classification levels (e.g. RESTRICTED and SECRET) in the same, modifiable document. Document access control is enforced cryptographically: content and access control information are encrypted and digitally signed, but the document structure itself is independent of the adjoining key management architecture. We detail the security-related metadata and sanitization procedures needed for passing data from common storage to a user with lower clearance.