12.1. Why Use Trusted Extensions?

Many organizations have policies for restricting access to information and for sharing information with others. Whether the data is associated with national security, human resources, financial records, or healthcare, policies are defined that are supposed to limit access to appropriate personnel. For example, there might be rules about labeling printed output, sharing information based on need to know, not making copies, and so on. When these policies are left to the discretion of the individuals who have access to or ownership of the data, there is no guarantee that these policies will be followed.

Strict enforcement of these policies requires a system that implements mandatory access control. Trusted Extensions enforces mandatory policies that are based on the value that is assigned to the data. Every piece of data under the control of the operating system is labeled according to its sensitivity. Data flows that are in violation of the labeling policy are not permitted. Users can share data only with other users and hosts who have been cleared to receive the data. Printed output is automatically labeled. All data on the screen are labeled. Network transmissions are prevented unless the peers are each cleared at the level of the data. Access to removable media is limited to authorized personnel and restricted by labeling rules.