In the multiple master-domain model, all master domains are linked to each other by trust relationships. Users in all domains can then access resources in any domain. However, some records should not be available for all employees to access, such as confidential financial records and personnel files. The solution is to create domains that are exclusively for the departments with confidential records, such as Finance and Human Resources. Those domains are trusted by the master MIS domain, but they do not trust other domains. Finance and HR users can then access MIS resources, but their own resources remain secure.
Figure 2.8 Secure domain model