With　the　rapid　development　of　informationization　process,　the　demand　to　collaborate,　share,　and　exchange　information　between　different　departments　of　information　systems　has　become　more　and　more　imperative.　By　introducing　the　principle　of　need-to-share　and　the　notion　of　multi-level　object,　a　multi-level　security　model　of　information　systems　based　on　the　BLP　model　is　proposed.　Then,　the　formal　description　and　security　analysis　of　the　multi-level　security　model　is　presented.　The　new　security　model　allows　information　being　securely　shared　with　the　right　users　and　protected　from　the　wrong　users,　while　maintaining　the　multi-level　security　of　information　systems.　©　2011　IEEE.