Threat & Risk Management
The Bell–LaPadula Model (abbreviated BLP ) is a state machine model used for enforcing access control in government and military applications. [ 1 ] It was developed by David Elliott Bell and Leonard J. LaPadula, subsequent to strong guidance from Roger R. Schell to formalize the U.S. Department of Defense (DoD) multilevel security (MLS) policy. [ 2 ] [ 3 ] [ 4 ] The model is a formal state transition model of computer security policy that describes a set of access control rules which use security labels on objects and clearances for subjects. Security labels range from the most sensitive (e.g."Top Secret"), down to the least sensitive (e.g., "Unclassified" or "Public").