Information flow enforcement for multilevel secure systems

Assignee

• Rockwell Collins, Inc. · US

Inventors

• James A. Marek · Anamosa, US
• Jonathon C. Skarphol · Robins, US
• Adam W. Pfab · Cedar Rapids, US
• Edward C. Tubbs · Cedar Rapids, US
• John G. Bendickson · Vinton, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/101
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A multilevel security fabric with address management units communicatively coupled to ports of a communication fabric and nodes of a multilevel security system are disclosed. The communication fabric facilitates communication between the nodes. An address management unit associated with a particular node extracts address maps contained in data requests associated with the particular node and regulates communication of that node any other nodes within the system across the communication fabric based on whether the extracted address maps are within an allowable address access range specified for the particular node. In the event that an extracted address map fails to fall within the allowable address access range, the address management unit may block the communication with the particular node. Accordingly, the address management unit may enforce multilevel communication across the communication fabric with high assurance.