Abstract: Apparatus and methods are described herein for multiple single level security (MSLS) domains including, but not limited to, a secure kernel hypervisor (SKH). The SKH configures a single multi-tenant cloud to host the MSLS domains. A cloud orchestration system (COS) configures the single multi-tenant cloud to set up a plurality of separate virtual work packages (VWPs) for the MSLS domains. A key management system (KMS) is configured to manage security objects associated with the MSLS domains.

Abstract: Apparatus and methods are described herein for multiple single level security (MSLS) domains including, but not limited to, a secure kernel hypervisor (SKH). The SKH configures a single multi-tenant cloud to host the MSLS domains. A cloud orchestration system (COS) configures the single multi-tenant cloud to set up a plurality of separate virtual work packages (VWPs) for the MSLS domains. A key management system (KMS) is configured to manage security objects associated with the MSLS domains.

Abstract: Systems and methods are described for orchestrating a security object, including, for example, defining and storing a plurality of policies in a database coupled to a policy engine and receiving, by the policy engine, the security object and at least one object attribute associated with the security object. In addition, the policy engine determines the acceptability of the security object based, at least in part, on the at least one object attribute and at least one of the plurality of policies corresponding to the at least one object attribute. The security object to at least one communication device associated with the policy engine is distributed when the security object is determined to be acceptable. The at least one communication device establishes communication based, at least in part, on the security object.