As a network architect, you plan to build a small network in a Multi-Level Security (MLS) environment. Your goal is to enforce the Bell-LaPadula (BLP) access control model in the network. In a nutshell, the model defines two mandatory access control rules:
No Read Up Rule: a subject (Low) at a lower security level must not read an object (High) at a higher security level. Simply, a Low entity cannot have read-access to a High object.
No Write Down Rule: a subject (High) at a higher security level must not write to any object (Low) at a lower security level. Simply, a High entity cannot have write access to a Low object.
How would you build the MLS network?
**** It may be helpful to the discussion to draw a diagram as an example and attach it to your posting. Please clearly state your assumptions. To keep the discussion simple, assume only two security levels exist, High (Classified Security Level) and Low (Unclassified Security Level).
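
The two rules above written as a decision function and applied to constructed network flows. This is an added example, not part of the original posting. The host names, the "one-way" and "two-way" flow kinds, and the modeling of an acknowledged exchange as one flow in each direction are assumptions made for illustration.

```python
from enum import IntEnum

class Level(IntEnum):
    LOW = 0    # Unclassified
    HIGH = 1   # Classified

def blp_permits(subject: Level, obj: Level, op: str) -> bool:
    """Bell-LaPadula decision for one access by a subject to an object."""
    if op == "read":       # No Read Up: subject must dominate the object
        return subject >= obj
    if op == "write":      # No Write Down: object must dominate the subject
        return obj >= subject
    raise ValueError(f"unknown operation: {op!r}")

def flow_permitted(src: Level, dst: Level) -> bool:
    """One-way transfer src -> dst: src writes to dst and dst reads from src."""
    return blp_permits(src, dst, "write") and blp_permits(dst, src, "read")

def exchange_permitted(a: Level, b: Level) -> bool:
    """Acknowledged exchange (request plus reply) needs a flow in each direction."""
    return flow_permitted(a, b) and flow_permitted(b, a)

# Constructed sample hosts and their assigned levels (hypothetical names).
HOSTS = {"low-ws": Level.LOW, "low-mail": Level.LOW,
         "high-ws": Level.HIGH, "high-db": Level.HIGH}

def evaluate(flows):
    """Return {(src, dst, kind): allowed} for constructed flow requests."""
    result = {}
    for src, dst, kind in flows:
        check = exchange_permitted if kind == "two-way" else flow_permitted
        result[(src, dst, kind)] = check(HOSTS[src], HOSTS[dst])
    return result

# Constructed flow requests covering each direction and kind.
SAMPLE_FLOWS = [
    ("low-mail", "high-db", "one-way"),   # Low data moving up
    ("high-db", "low-mail", "one-way"),   # High data moving down
    ("low-ws", "high-ws", "two-way"),     # the reply would travel High -> Low
    ("high-ws", "high-db", "two-way"),    # both ends at the same level
]

if __name__ == "__main__":
    for flow, allowed in evaluate(SAMPLE_FLOWS).items():
        print(flow, "ALLOW" if allowed else "DENY")
```

Both rules reduce to one condition on the direction of data movement, so any exchange between levels that expects a reply fails the check because the reply is a write down.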