David Elliot Bell has an interesting essay on the US government and software security – little “inside baseball”, but informative. He cites my critique of MILS. One of Bell’s points, which is briefly mentioned in my note, is that composition is harder than many imagine. Systems A and B may meet some security level individually, but not when connected to each other.
Security notes