Subject: Re: SE Linux vs SE NetBSD !!
To: Robert Watson <rwatson@FreeBSD.org>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-kern
Date: 08/26/2006 00:16:11

On Sat, 26 Aug 2006 04:59:46 +0100 (BST), Robert Watson
<rwatson@FreeBSD.org> wrote:
> 
> The less often seen variation is the floating label version, in which subjects 
> are "downgraded" when they touch lower integrity objects, such as packets from 
> untrusted network interfaces, etc.  The theory behind this is that it requires 
> less configuration -- you mark your trusted "stuff" and things remain with 
> high integrity rights until they touch something less trusted.  mac_lomac 
> implements this on FreeBSD, but is considered quite experimental.  I believe 
> there's a recent Linux implementation by IBM; the older implementations done 
> by Tim Fraser at TIS were done on FreeBSD and Linux, and were published about 
> at USENIX, I think.
> 
The oldest implementation I know of is by Doug McIlroy and Jim Reeds:
"Multilevel security in the Unix tradition", Software -- Practice and
Experience, 1992, vol 22, pp 673-694.  Google Scholar has it indexed; I
highly recommend reading it.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
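
Added example, not part of the original message and not code from mac_lomac or any implementation named above: a minimal user-space model of the floating-label (low-water-mark) integrity behaviour described in the quoted text. The two-level lattice, all type and function names, and the write rule (the standard Biba rule that a subject may only write objects at or below its own integrity level, which the message does not spell out) are assumptions made for illustration.

```c
#include <stdio.h>

/* Hypothetical two-level lattice: a higher value means higher integrity. */
enum integrity { LOW = 0, HIGH = 1 };

struct subject { const char *name; enum integrity level; };
struct object  { const char *name; enum integrity level; };

/* Read ("touch"): always allowed, but the subject's label floats down to
 * the object's level when that is lower. Returns the subject's new level. */
enum integrity lwm_read(struct subject *s, const struct object *o)
{
    if (o->level < s->level)
        s->level = o->level;
    return s->level;
}

/* Write: allowed only while the subject is at least as trusted as the
 * object (assumed Biba rule). Returns 1 if allowed, 0 if denied. */
int lwm_write(const struct subject *s, const struct object *o)
{
    return s->level >= o->level;
}

/* Constructed scenario: a trusted process may update a trusted file, then
 * reads an untrusted packet and loses that right without any per-process
 * configuration. Returns (write_before << 1) | write_after, i.e. 2. */
int lwm_demo(void)
{
    struct subject proc = { "proc", HIGH };
    struct object conf = { "trusted config", HIGH };
    struct object pkt  = { "untrusted packet", LOW };

    int before = lwm_write(&proc, &conf);   /* 1: still HIGH */
    lwm_read(&proc, &pkt);                  /* label floats to LOW */
    int after = lwm_write(&proc, &conf);    /* 0: downgraded */

    printf("%s: write before=%d, level now=%d, write after=%d\n",
           proc.name, before, proc.level, after);
    return (before << 1) | after;
}

int main(void)
{
    return lwm_demo() == 2 ? 0 : 1;
}
```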