MLS across Systems

Sending data protected by security labels across networked machines raises some interesting challenges:

  1. How do you control access to network objects (sockets, interfaces, peer nodes and so on)?

  2. How do you communicate the security classifications and categorizations to the remote system?

  3. How can the sender ensure that the receiver respects the restrictions?

The last point has a short answer: the sender has no way to enforce anything on the remote machine, so it must trust the receiver completely. In other words, MLS-protected data should only be sent to receivers that are trusted to enforce the same policy, and that trust decision is a matter of policy and accreditation, not something the protocol itself can verify.

The labels can be communicated in two ways. Between consenting systems, each packet carries an explicit tag stating its sensitivity level and categories. Where the sender or receiver cannot produce or interpret such tags, the channel itself (a network interface, a peer node or a subnet) is assigned a security label, which stands in for the label the other end would have supplied: all unlabeled traffic arriving over that channel is treated as carrying the channel's label.
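As an added example (not part of the original page), the following Python sketches both mechanisms plus the sender-side trust check: it encodes and parses a CIPSO IP option (option type 134 with a tag-type-1 "restricted bitmap" tag, the wire format Linux NetLabel uses to carry a level and category bitmap between consenting hosts), falls back to a static per-subnet label for unlabeled traffic (the idea behind NetLabel's unlabeled-peer map), and refuses to release data to a receiver whose clearance does not dominate it. The DOI, subnets, levels and categories are constructed sample values, and `peer_label`, `may_send` and `STATIC_CHANNEL_LABELS` are names chosen for this illustration.

```python
"""Added example: MLS label exchange across a network.

Explicit tags: a CIPSO IP option (type 134, 4-byte DOI, tag type 1) carrying a
sensitivity level and a bit-mapped category set.
Channel labels: a static table mapping source subnets to the label assumed for
unlabeled traffic from them.
Sender check: release data only to a receiver whose clearance dominates it.
All DOIs, subnets and labels are constructed sample values.
"""
import ipaddress
from dataclasses import dataclass

CIPSO_OPT_TYPE = 0x86        # IP option number 134 = CIPSO
TAG_RESTRICTED_BITMAP = 1    # tag type 1: level octet + bit-mapped categories
MAX_BITMAP_BYTES = 30        # tag length is at most 34 octets (4 header + 30 bitmap)


@dataclass(frozen=True)
class Label:
    level: int
    categories: frozenset

    def dominates(self, other: "Label") -> bool:
        """MLS dominance: level is >= and the category set is a superset."""
        return self.level >= other.level and other.categories <= self.categories


def cipso_encode(doi: int, label: Label) -> bytes:
    """Build a CIPSO option: type, length, 4-byte DOI, then one tag-type-1 tag."""
    if not 0 <= label.level <= 255:
        raise ValueError("CIPSO sensitivity level must fit in one octet")
    nbytes = (max(label.categories) // 8 + 1) if label.categories else 0
    if nbytes > MAX_BITMAP_BYTES:
        raise ValueError("category bitmap too long for tag type 1")
    bitmap = bytearray(nbytes)
    for cat in label.categories:
        bitmap[cat // 8] |= 0x80 >> (cat % 8)   # category 0 is the MSB of octet 0
    tag = bytes([TAG_RESTRICTED_BITMAP, 4 + nbytes, 0, label.level]) + bytes(bitmap)
    body = doi.to_bytes(4, "big") + tag
    return bytes([CIPSO_OPT_TYPE, 2 + len(body)]) + body


def cipso_decode(opt: bytes) -> tuple:
    """Parse a CIPSO option holding a single tag-type-1 tag; reject anything malformed."""
    if len(opt) < 6 or opt[0] != CIPSO_OPT_TYPE or opt[1] != len(opt):
        raise ValueError("not a well-formed CIPSO option")
    doi = int.from_bytes(opt[2:6], "big")
    tag = opt[6:]
    if (len(tag) < 4 or tag[0] != TAG_RESTRICTED_BITMAP or tag[1] != len(tag)
            or tag[2] != 0 or tag[1] > 4 + MAX_BITMAP_BYTES):
        raise ValueError("unsupported or malformed CIPSO tag")
    cats = {8 * i + b for i, octet in enumerate(tag[4:])
            for b in range(8) if octet & (0x80 >> b)}
    return doi, Label(tag[3], frozenset(cats))


# Constructed fallback table: label assumed for unlabeled traffic from each
# subnet, most specific prefix first.
STATIC_CHANNEL_LABELS = [
    (ipaddress.ip_network("10.1.0.0/16"), Label(3, frozenset({1, 2}))),
    (ipaddress.ip_network("10.0.0.0/8"), Label(1, frozenset())),
]


def peer_label(src_addr: str, cipso_opt, expected_doi: int) -> Label:
    """Receiver side: an explicit tag wins; otherwise the channel label; otherwise reject."""
    if cipso_opt is not None:
        doi, label = cipso_decode(cipso_opt)
        if doi != expected_doi:
            raise ValueError(f"DOI {doi} is not accepted on this host")
        return label
    addr = ipaddress.ip_address(src_addr)
    for net, label in STATIC_CHANNEL_LABELS:
        if addr in net:
            return label
    raise ValueError("unlabeled traffic from an unknown peer")


def may_send(data_label: Label, receiver_clearance: Label) -> bool:
    """Sender side: only release data to a receiver cleared to dominate its label."""
    return receiver_clearance.dominates(data_label)


if __name__ == "__main__":
    secret = Label(2, frozenset({0, 9}))
    opt = cipso_encode(1, secret)
    print(opt.hex(), cipso_decode(opt))
    print(may_send(secret, Label(3, frozenset({0, 9, 12}))),
          may_send(secret, Label(2, frozenset({0}))))
```

The decoder deliberately rejects any option whose declared lengths disagree with the bytes actually present, since a receiver that silently accepts a malformed tag could be tricked into assigning a lower label than the sender intended. The fallback table is consulted only when no tag is present; a packet from an unknown peer with no tag is dropped rather than given a default label.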