The author of this document has limited its availability to on-campus or logged-in CSUSB users only.

Off-campus CSUSB users: To download restricted items, please log in to our proxy server with your MyCoyote username and password.

Date of Award


Document Type

Restricted Project: Campus only access

Degree Name

Master of Science in Information Systems and Technology


Information and Decision Sciences

First Reader/Committee Chair

Joon Son


1. The Bell-LaPadula Model enforces the Multilevel Security access control policies by implementing simple security property and star property. No published research has been done to identify vulnerable node in the Information Flow Digraph and measure their level of vulnerability. In this Culminating Experience Project, the Multilevel access control policy digraph representing Bell-LaPadula Model was transformed into Information Flow Digraph representing the information flow between the Subject and Object. The questions for this project were: Q#1: How should we interpret the critically identified nodes from the information flow perspective (or in MLS context)? Q#2: If the critically important node(s) is (are) compromised or polluted, what are the negative impacts that it (or they) can bring to the whole network?

2. Our findings can be summarized by answering the above questions, The answer for Q#1 is: The Betweenness Centrality algorithm is applied to this information flow digraph, to identify the most important entities in the network. These most important entities can be interpreted as the most vulnerable nodes in the network from the Information flow perspective and their vulnerability levels can also be measured. The answer for Q#2 is: If these most vulnerable nodes are compromised then their polluted data files can be propagated into the whole network in the shortest possible ways. The conclusion is that, by locating the important node by using betweenness centrality algorithm, we show how this critically important node can be interpreted in multilevel security context from the information flow perspective. Areas for further study includes if an additional factor such as security level is added to our model, we like to study how this additional factor can change the way we identify the vulnerable nodes and measure their vulnerabilities.