Jump to content

Cross-domain solution: Difference between revisions

Add links
From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Adding citation for the quote about acceptance criteria
Adding reference to more material about CDS
Line 2: Line 2:


A '''cross-domain solution''' ('''CDS''') is a means of [[information assurance]] that provides the ability to manually or automatically access or transfer information between two or more differing security domains.<ref>{{cite web |url=http://iase.disa.mil/cds/ |title=Cross Domain Enterprise Service (CDES) |date=2011-11-16 |work=Information Assurance Support Environment |publisher=Defense Information Systems Agency (DISA) |accessdate=2012-01-16}}</ref> They are integrated systems of hardware and software that enable transfer of information among incompatible security domains or levels of classification.{{Citation needed|date=October 2012}} Modern military, intelligence, and law enforcement operations critically depend on timely sharing of information.{{Citation needed|date=October 2012}} CDS is distinct from the more rigorous approaches, because it supports transfer that would otherwise be precluded by established models of [[computer security|computer]], [[network security|network]], and [[data security]], e.g., [[Bell–LaPadula model]] and [[Clark–Wilson model]].{{Citation needed|date=October 2012}} CDS development, assessment, and deployment are based on risk management.
A '''cross-domain solution''' ('''CDS''') is a means of [[information assurance]] that provides the ability to manually or automatically access or transfer information between two or more differing security domains.<ref>{{cite web |url=http://iase.disa.mil/cds/ |title=Cross Domain Enterprise Service (CDES) |date=2011-11-16 |work=Information Assurance Support Environment |publisher=Defense Information Systems Agency (DISA) |accessdate=2012-01-16}}</ref> They are integrated systems of hardware and software that enable transfer of information among incompatible security domains or levels of classification.{{Citation needed|date=October 2012}} Modern military, intelligence, and law enforcement operations critically depend on timely sharing of information.{{Citation needed|date=October 2012}} CDS is distinct from the more rigorous approaches, because it supports transfer that would otherwise be precluded by established models of [[computer security|computer]], [[network security|network]], and [[data security]], e.g., [[Bell–LaPadula model]] and [[Clark–Wilson model]].{{Citation needed|date=October 2012}} CDS development, assessment, and deployment are based on risk management.

The goal of a CDS is to allow an isolated critical network to exchange information with others, without introducing the security threat that normally comes from network connectivity<ref>{{cite web|title=Cross Domain Solutions|url=http://www.deep-secure.com/cross-domain-solutions/|publisher=[[Deep-Secure]]}}</ref>.


The three primary elements demanded from cross domain solutions are:
The three primary elements demanded from cross domain solutions are:

Revision as of 15:36, 5 November 2015

A cross-domain solution (CDS) is a means of information assurance that provides the ability to manually or automatically access or transfer information between two or more differing security domains.[1] They are integrated systems of hardware and software that enable transfer of information among incompatible security domains or levels of classification.[citation needed] Modern military, intelligence, and law enforcement operations critically depend on timely sharing of information.[citation needed] CDS is distinct from the more rigorous approaches, because it supports transfer that would otherwise be precluded by established models of computer, network, and data security, e.g., Bell–LaPadula model and Clark–Wilson model.[citation needed] CDS development, assessment, and deployment are based on risk management.

The goal of a CDS is to allow an isolated critical network to exchange information with others, without introducing the security threat that normally comes from network connectivity[2].

The three primary elements demanded from cross domain solutions are:

  1. Data confidentiality; most often imposed by hardware-enforced one-way data transfer
  2. Data integrity: content management using filtering for viruses and malware; content examination utilities; in high-to-low security transfer audited human review
  3. Data availability: security-hardened operating systems, role-based administration access, redundant hardware, etc.

The acceptance criteria for information transfer across domains may be simple (e.g.[citation needed] antivirus scanning before transfer from low to high security domains) or complex (e.g.[citation needed] multiple human reviewers must examine and approve a document before release from a high security domain)[3]. One-way data transfer systems (one-way traffic systems, data diodes),[4][5] are often used to move information from low security domains to secret enclaves while assuring that information cannot escape. Cross-domain solutions often include a High Assurance Guard.

Unintended consequences

In previous decades, multilevel security (MLS) technologies were developed and implemented that enabled objective and deterministic security, but left little wiggle room for subjective and discretionary interpretation.[citation needed] These enforced mandatory access control (MAC) with near certainty.[citation needed] This rigidity prevented simpler solutions that would seem acceptable on the surface.[citation needed] Automated information systems have enabled extensive information sharing that is sometimes contrary to the need to avoid sharing secrets with adversaries.[citation needed] The need for information sharing has led to the need to depart from the rigidity of MAC in favor of balancing need to protect with need to share.[citation needed] When the ‘balance’ is decided at the discretion of users, the access control is called discretionary access control (DAC) that is more tolerant of actions that manage risk where MAC requires risk avoidance.[citation needed] Allowing users and systems to manage the risk of sharing information is in some way contrary to the original motivation for MAC.

The unintended consequences of sharing can be complex to analyze and should not necessarily be left to the discretion of users who may have a narrow focus on their own critical need.[citation needed] These documents provide standards guidance on risk management:

  1. "Recommended Security Controls for Federal Information Systems & Organizations". Computer Security Division - Computer Security Resource Center. National Institute of Standards and Technology (NIST). August 2009., SP 800-53 Rev3
  2. "Security Categorization and Control Selection for National Security Systems" (PDF). The Committee on National Security Systems (CNSS)., Instruction No.[citation needed] 1253

References

  1. ^ "Cross Domain Enterprise Service (CDES)". Information Assurance Support Environment. Defense Information Systems Agency (DISA). 2011-11-16. Retrieved 2012-01-16.
  2. ^ "Cross Domain Solutions". Deep-Secure.
  3. ^ "Cross Domain Solutions - Ensuring Complete Data Security".
  4. ^ "Nexor Data Diode". Nexor. Retrieved 3 June 2013.
  5. ^ "Dual Data Diode Information Transfer Products". Owl Computing Technologies, Inc. Retrieved 2012-01-16.

Unified Cross Domain Management Office (UCDMO), Cross Domain Overlay, 1 December 2011, ver 1.0; provides extensive security control guidance to implement CDS platform address security controls for hardware and software, enforced with advanced inspections.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Cross-domain_solution&oldid=689198132"