SELinux MLS Clusters

SELinux MLS is the NSA standard security for Linux. Many government entities and organizations that deal with sensitive data implement the Multi-Level Security (MLS) policy for SELinux. This allows them to apply not only a targeted security policy to a node or cluster, but also secrecy levels and containers that separate different departments.

Aspen Systems engineers are certified in MLS Secure Linux. We can configure and deliver a turn-key, MLS-enabled Linux HPC cluster using Red Hat or CentOS Enterprise Linux. Our engineers are familiar with every aspect of successfully deploying an HPC cluster using SELinux and MLS, from architecting policies and troubleshooting AVC denials to handling the complexity of the software stack.

Contact our sales engineers today about SELinux MLS.

Multi-Level Security Overview

Multi-Level Security implements all the basics of SELinux and extends them with Security Levels, which can be associated with internal references such as “Confidential”, “Secret” and “Top Secret”, and with Containers, which can be associated with internal departments, external clients or projects to add an extra layer of separation.

The following diagram displays the available data flows using an MLS configured system:

[Figure: SELinux MLS Clusters - Security MLS Data Flow Diagram]

MLS implements a “read down” and “write up” policy: higher Security Levels can view, but not alter, lower Security Levels, and information can pass “up the ladder” to higher Security Levels.
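
The read-down / write-up rule above, worked through as an added example that is not part of the original page. It assumes levels are written in SELinux's `sN:cM` label syntax, with the sensitivity number standing for the Security Level and the category set standing for the Containers; all labels below are constructed sample values.

```python
import re

def parse_level(level):
    """Parse an MLS level such as 's2:c0.c3,c7' into (sensitivity, categories)."""
    m = re.fullmatch(r"s(\d+)(?::(.+))?", level)
    if not m:
        raise ValueError(f"not an MLS level: {level!r}")
    cats = set()
    for part in (m.group(2).split(",") if m.group(2) else []):
        r = re.fullmatch(r"c(\d+)(?:\.c(\d+))?", part)  # 'c5' or range 'c0.c3'
        if not r:
            raise ValueError(f"bad category {part!r} in {level!r}")
        lo, hi = int(r.group(1)), int(r.group(2) or r.group(1))
        if hi < lo:
            raise ValueError(f"reversed category range {part!r}")
        cats.update(range(lo, hi + 1))
    return int(m.group(1)), frozenset(cats)

def dominates(a, b):
    """a dominates b: sensitivity at least as high AND every category of b held by a."""
    (sa, ca), (sb, cb) = parse_level(a), parse_level(b)
    return sa >= sb and ca >= cb

def can_read(subject, obj):
    return dominates(subject, obj)   # "read down"

def can_write(subject, obj):
    return dominates(obj, subject)   # "write up"

def allowed(subject, obj):
    """Return 'read', 'write', 'read+write' or 'none' for one subject/object pair."""
    ops = [n for n, ok in (("read", can_read(subject, obj)),
                           ("write", can_write(subject, obj))) if ok]
    return "+".join(ops) or "none"

# Constructed sample: a process at level s2 cleared for containers c0 and c1.
SUBJECT = "s2:c0.c1"
OBJECTS = ["s1:c0", "s2:c0.c1", "s3:c0.c2", "s1:c5", "s3:c5"]

if __name__ == "__main__":
    for obj in OBJECTS:
        print(f"{SUBJECT:>10} -> {obj:<10} {allowed(SUBJECT, obj)}")
```

The last two objects show the container separation: a lower or higher level alone grants nothing when the category sets do not nest. This models only the rule as stated here; on a running system the loaded policy's MLS constraints decide each access.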