
The IX Multilevel-Secure Unix System (1992) - kick
https://www.cs.dartmouth.edu/~doug/IX/
======
throw0101a
For anyone curious about these things in general:

> _Historically few implementations have been certified capable of MLS
> processing with a security range of Unclassified through Top Secret. Among
> them were Honeywell 's SCOMP, USAF SACDIN, NSA's Blacker, and Boeing's MLS
> LAN, all under TCSEC, 1980s vintage and Intel 80386-based. Currently, MLS
> products are evaluated under the Common Criteria. In late 2008, the first
> operating system (more below) was certified to a high evaluated assurance
> level: Evaluation Assurance Level (EAL) - EAL 6+ / High Robustness, under
> the auspices of a U.S. government program requiring multilevel security in a
> high threat environment._

* [https://en.wikipedia.org/wiki/Multilevel_security](https://en.wikipedia.org/wiki/Multilevel_security)

On the networking side, see IPSO/CIPSO/CALIPSO security labels:

* [https://tools.ietf.org/html/rfc7569](https://tools.ietf.org/html/rfc7569)

~~~
throwaway3157
> In late 2008, the first operating system (more below)

I'm clearly missing it, but which OS is it talking about here? The two sources
from 2008 are not related to EAL6+

~~~
als0
Pretty sure this is referring to Green Hill's INTEGRITY real-time OS.

------
trasz
There was a number of “multilevel” Unixes, eg Trusted Solaris. Today there is
eg the MAC framework in OSX and FreeBSD.

~~~
jlgaddis
SELinux supports MLS as well.

~~~
lazyier
SELinux is probably the defacto standard for this sort of thing nowadays.

~~~
kjs3
MLS in the TCSEC sense is more than a set of features. For example, it
requires detailed auditing of the developing process. SELinux doesn't even
acknowledge that such requirements exist.

