中文摘要：

针对多级安全信息系统中的信息保护和共享问题,将独立计算机系统中的BLP模型扩展至信息系统,引入需享原则和多级客体的概念,建立了一个面向应用的信息系统多级安全模型,提出信息系统的安全假设,给出了信息系统安全模型的形式化描述.该模型允许信息系统中需要共享信息的部门之间安全地共享信息,同时保持了信息系统的多级安全性.

英文摘要：

To address the problem of protection and sharing of information, the BLP model of stand-alone computer system was extended to information systems with multi-level security, the principle of need-to- share and the notion of multi-level object was introduced, and a multi-level security model of information system for application was developed. Then, some basic security assumptions were proposed, and the formal multi-level security model of information system was presented. The security model allowed the information to be securely shared with the right people and protected from the wrong people, while maintaining the multi-level security of information system.