New command and control systems consist of complex networks of distributed processing elements, workstations, and data bases. Many of these systems, such as wis, usafe incomnet, and Mac GDSS have identified requirements for a MLS/trusted gateway interface device to provide automated interconnection to systems at other security levels. the DDN security architecture has identified a similar requirement to interconnect system segments. The objective of this SBIR program is to demonstrate an approach to implementing this capability on a cots hardware base, with significant reduction in the size of the TCB over previous approaches. The approach is based on the modular security concepts developed on the radc multinet program, which was implemented on a unique hardware base because technology to support the design was not available. Recent advances in microprocessor bus architecture now allow the concepts to be applied to a more cost effective cots hardware base. New chip level encryption technology will be utilized to reduce the amount of trusted software required, using techniques originally proposed for secure data base systems.