Configuring a Multilevel Secure System
When MLS is active on an CA Top Secret system, MLS will behave differently depending on what options have been set to establish the MLS environment. In its most basic implementation, a security administrator can assign a security label to only those users and resources that need enhanced security protection, rather than to all users and resources. In its most complex implementation, a security administrator can assign security labels to all users and most resources in the system while protecting declassification of data. This is very stringent MLS. To be effective, MLS should be implemented based on the specific security requirements of your organization.