Data often moves between areas with varying classification and security levels, prompting the need for a solution that can guard critical data, irrespective of where it is traveling, from unauthorized access.
In this blog, you'll learn what a cross domain solution (CDS) is, how it works, and why it is critical to protecting sensitive and classified information traveling between different domains.
A cross domain solution (CDS), also known as a high-speed guard solution, is a controlled interface made up of an integrated hardware/software system that facilitates the exchange of sensitive and classified information across network domains with incompatible (different) security levels. Oftentimes, this is a trusted and untrusted domain.
This exchange can take place within hardware-based environments or software-based environments such as virtual machines.
The U.S. National Institute of Standards and Technology (NIST) defines a cross domain solution as:
“A form of controlled interface (a boundary with a set of mechanisms that enforces the security policies and controls the flow of information between interconnected information systems) that provides the ability to manually and/or automatically access and/or transfer information between different security domains.”
Cross domain solutions were developed specifically to provide absolute network integrity assurance and data confidentiality to the networks of the U.S. Government, Intelligence Community (IC), and defense branches.
Now, they can also be found in critical infrastructure, commercial, international defense, and intelligence applications to securely transfer data between domains.
There are three primary reasons why a cross-domain solution is necessary:
First, virtually every organization must deal with sensitive and classified information traveling to and from network domains with differing security levels; in fact, the average organization has over 300 third-party or external direct connections to its network.
Second, data of varying classification levels is usually kept on separate hardware, also known as an air gap, dramatically increasing costs and depriving military, government, and intelligence personnel of critical data.
Finally, it is not enough for organizations in high-risk environments--such as the military, critical infrastructure, and intelligence operations--to have traditional security measures like firewalls or an intrusion detection system (IDS). Additionally, the use of virtual machines and other software-based systems has increased vulnerability to cyberattacks.
High-assurance security with advanced content filtering, such as a cross domain solution, solves these problems by securing the trusted domain as well as information sharing without the risk of data exposure, corruption, or leakage.
Cross domain solutions can be classified into two categories: access solutions and transfer solutions.
Access solutions allow users to go through information and resources scattered in multiple domains using a single workstation, whereas transfer solutions facilitate the movement of information across domains.
Cross domain solutions can also be hardware-based, software-based, hybrid, or cloud-based.
Hardware-based cross domain solutions contain a hardware firewall such as a field programmable gate array (FPGA) to ensure data is securely processed and transferred in between domains. FPGAs can also implement encryption/decryption, data filtering, and access control.
A cross domain solution enables information to flow to and from incompatible security domains.
A majority of cross domain solutions feature dedicated software applications running on trusted computing, which serve as a guard in the midst of two discrete security domains: classified and public data.
Only data that meets stipulated criteria is allowed to move between domains. The criteria for approval of legitimate information may be simple or complex.
Cross domain solutions embrace the NSA-certified cross domain collaboration solution based upon the DoD's (Department of Defense) NCES (Net Centric Enterprise Services) standard.
In addition, the Cross Domain Collaborative Information Environment (CDCIE) enables information exchange in text and whiteboard format through a language translation feature and standards-based web services among DoD and other government/non-government agencies operating at various classification levels.
A cross-domain solution architecture is composed of three parts:
The primary function of the Collaboration Gateway (CG) is to verify data passing through the cross domain guard.
CG paves the way for secure and reliable cross domain information transfer by aligning itself with an XMPP-capable client. It sits at the heart of CDCIE, supplying mechanisms for triggering collaboration via any cross domain solution that can transfer XML traffic.
CG assesses the legitimacy of the user, his or her presence, and the nature of metadata to control the type of information approved for viewing by individual users.
In addition, CG extends support for the U.S. Intelligence Community's metadata standard meant for chat messages' classification labeling, and it has in place modular, plug-in architecture supportive of every XMPP collaboration tool with the cross-domain extensions required for creating security policies.
Here are some other functions performed by CG:
CG integrates the XML digital signature and XML encryption algorithms to implement these security policies along with using strong user identification, authentication, and authorization measures. This allows for enhanced confidentiality and data integrity.
Cross domain solutions work across different networks to make requested information available to a user, but only after accessibility rights are determined.
Here's how that's done.
First, a cross domain solution distinguishes data types--text, voice, video, or other--and the related applications--telephone, instant messaging, video feeds, pictures, or teleconferencing--to ensure uninterrupted service over a common infrastructure.
In order to do this, varying bandwidths, speeds, and latencies are taken into account, and cross domain solutions must exercise discretionary scheduling during peak periods to keep users updated about the latest events.
Second, cross domain solutions make information accessible only to domains that match the security criteria for data handling.
There are three ways that data can be transferred:
In addition, there can also be times when data that is inside the main domain needs to be accessed by domains with higher or lower classification levels.
However, this data needs to be protected against hacker intrusion.
To ensure the data is secure, a combination of manual and automatic protections is put into place to make sure that the information is kept safe when stored or transmitted between domains.
This is where cross domain solutions come into play: each domain is connected to one--or more--secure, trusted cross domain solutions. Any information that flows through these domains must adhere to the policies and constraints intended to protect sensitive and classified information.
For example, cross domain solutions require that each piece of information is tagged with trusted security labels to ensure that information shared across multiple domains is kept safe.
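The following is an added example of the trusted-label check described above; it is not code from the page or from Trenton. It assumes a constructed scheme: the guard holds an HMAC key that authenticates every label, a label carries a classification level and dissemination caveats, and a payload may enter a destination domain only if the label is authentic, the destination's level dominates the label's level, and the destination is cleared for every caveat. The level names and ordering are constructed for the example.

```python
"""Added example (not from the page or from Trenton): trusted security labels
checked by a guard before data moves between domains."""
import hashlib
import hmac
import json

# Classification lattice used for the dominance check (constructed ordering).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


def _label_digest(key: bytes, level: str, caveats: list, payload: bytes) -> str:
    # Bind level, caveats and the payload hash together so that none of them
    # can be swapped independently after the label has been applied.
    canonical = json.dumps(
        {"level": level, "caveats": sorted(caveats),
         "sha256": hashlib.sha256(payload).hexdigest()},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def make_label(key: bytes, payload: bytes, level: str, caveats=()) -> dict:
    """Apply a trusted label to a payload (done by the labelling authority)."""
    if level not in LEVELS:
        raise ValueError(f"unknown classification level: {level}")
    caveats = sorted(set(caveats))
    return {"level": level, "caveats": caveats,
            "mac": _label_digest(key, level, caveats, payload)}


def label_is_trusted(key: bytes, payload: bytes, label: dict) -> bool:
    """True only if the label was produced with the guard's key for this payload."""
    try:
        expected = _label_digest(key, label["level"], list(label["caveats"]), payload)
    except (KeyError, TypeError):
        return False
    return hmac.compare_digest(expected, str(label.get("mac", "")))


def transfer_decision(key: bytes, payload: bytes, label: dict,
                      dest_level: str, dest_caveats=()) -> tuple:
    """Return (allowed, reason) for moving payload into the destination domain."""
    if not label_is_trusted(key, payload, label):
        return False, "label missing, altered, or not signed by the guard"
    if dest_level not in LEVELS:
        return False, f"unknown destination level: {dest_level}"
    if LEVELS[dest_level] < LEVELS[label["level"]]:
        return False, f"{label['level']} data may not flow down to {dest_level}"
    missing = set(label["caveats"]) - set(dest_caveats)
    if missing:
        return False, "destination not cleared for caveats: " + ", ".join(sorted(missing))
    return True, "label authentic and destination dominates label"


if __name__ == "__main__":
    guard_key = b"constructed-guard-key-for-demo-only"          # constructed key
    report = b"unit position report 2024-01-01T00:00Z grid 12ABC"  # constructed payload
    label = make_label(guard_key, report, "SECRET", ["NOFORN"])
    for dest in [("TOP SECRET", ["NOFORN"]), ("SECRET", []), ("UNCLASSIFIED", ["NOFORN"])]:
        print(dest, transfer_decision(guard_key, report, label, *dest))
    # A label whose level is edited after signing no longer verifies.
    forged = dict(label, level="UNCLASSIFIED")
    print("forged:", transfer_decision(guard_key, report, forged, "UNCLASSIFIED"))
```

The MAC covers the payload hash as well as the label fields, so relabelling a payload, substituting a different payload under an existing label, or downgrading the level all fail the same check; the dominance comparison is then only run on labels the guard itself signed.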
There are three primary categories of security for cross domain solutions: security-enforcing mechanisms, secure architecture and design, and system assurance and secure operation.
Let's take a look at each:
Security-enforcing mechanisms are context-dependent. These measures include:
Cross domain solutions must be securely designed. Some examples include:
Cross domain solutions must be secure not just in design, but while operating as well. Some examples include:
There are five main benefits of cross domain solutions: usefulness, security, cost savings, interoperability, and compatibility.
Let's explore each in detail:
Cross domain solutions allow a user operating from any network to locate and interact with any relevant user who possesses the information and skills to successfully complete a project.
Information sharing is random, quick, and resilient, serving a number of users on a number of different networks. The information is shared with corresponding images and files.
In compliance with the federal government, DoD, and intelligence agencies, cross domain solutions encompass three main aspects of data security. They are:
Cross domain solutions can moderate users' access rights to messages at each classification and dissemination control combination point, ensuring the easy and rapid identification of incorrectly marked messages.
The client chat tool is aware of security restrictions and provides classification labeling in the user interface, inserting them into the chat message.
Cross domain solutions also have in place strong, user-proof logging of each and every collaboration. This ensures that unauthorized disclosure of information is detected later on during review.
As mentioned previously, data of different classification levels that is needed by government and military organizations is often kept on separate servers, which increases costs.
Cross domain solutions reduce costs substantially by eliminating the need for data to be protected on each system and doing away with human review each time information from a higher classification level needs to be downgraded for access by a lower level.
A cross domain solution is a single piece of hardware that discloses specific information at specific classification levels to specific users who need it while restricting access for unauthorized users, streamlining the process of sharing data.
This data is shared without exposing all confidential data, protecting networks and users from hacker attacks and data corruption.
Cross domain solutions are interoperable with earlier transfer solutions, eliminating the need for costly and unnecessary duplication of existing capabilities.
Cross domain solutions are compatible with emerging Federal Collaboration Standards, reducing the time a user needs to adapt to a new system and, once again, preventing the need for duplication of tools.
The first step in implementing a cross domain solution is identifying users who need to collaborate and mapping out their needs.
Various situations--like synchronous collaboration combining text chat and white-boarding, general purpose use, or the need for real-time operational support for enhanced availability--and the need for language translation are then taken into consideration.
After this, there are three more steps that need to be taken:
Proper information assurance is provided by cross-connecting the right number of domains. Collaboration Gateway (CG) paves the way for this cross-connection.
Multiple domains at the national level can be connected through a demilitarized zone via CG, which allows each domain to put forward its own security policy. Higher-level classifications can be protected through a different accreditation method.
Implementing a cross domain solution is much easier when a previous one already exists.
If one does not exist, then requirements must be evaluated in order to implement a solution that can securely transfer information.
How a cross domain solution will be installed is based on criteria such as the need for a new cross domain solution, or if an already-existing solution needs to be extended.
All relevant users and administrators need to be given proper training in order to ensure that the transition to a new system is smooth.
Of course, how long it will take to install a cross domain solution is dependent upon the nature and complexity of the solution. This is on top of obtaining required administrative approvals, which takes a significant amount of time.
Once permission to hook the solution onto a live network is obtained, assistance needs to be provided to onsite personnel, and new solutions require close coordination with the providers.
There are two primary challenges that are posed by cross domain solutions:
The potential solutions are:
Cross domain solutions are accredited and certified by the U.S. Government, by a unit of the NSA (National Security Agency) called the National Cross Domain Strategy Management Office (NCDSMO).
NCDSMO certification requires a thorough lab-based security assessment (LBSA) that involves thoroughly testing every aspect of the device. Once this assessment is passed, the device is eligible for the "Baseline List" of solutions that are certified for use by U.S. defense and intelligence agencies.
Since testing under NCDSMO is far more rigorous than other standards, it typically is superior to and given preference over other certifications.
In contrast to other network security devices, cross domain solutions use a combination of security technologies to provide layers of security rather than a single checkpoint.
Let's take a look at some of these technologies:
Cross domain solutions have two types of data filters: standard data filters that have been developed by government agencies and standards bodies, and custom filters that can be designed for specific applications.
These data filters fall into two categories: standard and unstructured.
Let's take a closer look at each:
Uniform content or "fixed format" messages are filtered using a process called a linear pipeline. This process applies a series of filters and checks in order, each separated into isolated, independent tasks with handoffs from one to the next.
Complex content, such as unstructured data or imagery, is broken down into basic elements and filtered using a process called recursive decomposition. This process decomposes data so that it can be inspected using standard content filters; in some cases, custom filters may still be required.
The system blocks any unexpected data, protocols, and ports, allowing only what is known to be authorized, expected, or requested on the appropriate pathway.
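The three filtering ideas just described (a linear pipeline for fixed-format messages, recursive decomposition for container content, and default deny for anything unrecognised) combined in one small guard, as an added example that is not code from the page or from any CDS vendor. The record layout, the filter rules, the container representation and the sample inputs are all constructed for this example.

```python
"""Added example (not from the page or any vendor): a minimal content guard
showing a linear filter pipeline, recursive decomposition and default deny."""
import re


class FilterReject(Exception):
    """Raised by any stage that refuses the content; the guard then drops it."""


# --- Standard filters for a constructed fixed-format record -------------------
# Layout (constructed): 4-char message type, 1-char classification, body text.
KNOWN_TYPES = {"POSN", "STAT"}
CLASS_CODES = {"U", "C", "S"}

def check_length(rec: str) -> str:
    if not 5 <= len(rec) <= 65:
        raise FilterReject(f"bad length {len(rec)}")
    return rec

def check_charset(rec: str) -> str:
    # Printable ASCII only: no control characters, no non-ASCII bytes.
    if not re.fullmatch(r"[\x20-\x7e]+", rec):
        raise FilterReject("non-printable or non-ASCII character")
    return rec

def check_type(rec: str) -> str:
    if rec[:4] not in KNOWN_TYPES:
        raise FilterReject(f"unknown message type {rec[:4]!r}")
    return rec

def check_classification(rec: str) -> str:
    if rec[4] not in CLASS_CODES:
        raise FilterReject(f"unknown classification code {rec[4]!r}")
    return rec

def normalise_body(rec: str) -> str:
    # Collapse repeated spaces so the body has exactly one canonical form.
    return rec[:5] + re.sub(r" {2,}", " ", rec[5:]).rstrip()

# Stages run in this order; each one's output is the next one's only input.
FIXED_FORMAT_PIPELINE = [check_length, check_charset, check_type,
                         check_classification, normalise_body]

def run_linear_pipeline(rec: str, stages=FIXED_FORMAT_PIPELINE) -> str:
    for stage in stages:
        rec = stage(rec)
    return rec


# --- Leaf filters keyed by content type (constructed) ------------------------
def filter_fixed(data):
    if not isinstance(data, str):
        raise FilterReject("fixed-format leaf must be text")
    return run_linear_pipeline(data)

def filter_png(data):
    if not isinstance(data, bytes) or not data.startswith(b"\x89PNG\r\n\x1a\n"):
        raise FilterReject("not a PNG signature")
    if len(data) > 1_000_000:
        raise FilterReject("image exceeds size limit")
    return data

# Default deny: only content types listed here have a pathway through the guard.
LEAF_FILTERS = {"fixed": filter_fixed, "png": filter_png}


def decompose_and_filter(item: dict) -> dict:
    """Recursively break containers into leaves and filter every leaf.

    A container is {'type': 'container', 'parts': [...]}; a leaf is
    {'type': <name>, 'data': ...}. A part the guard does not recognise is
    rejected, and one rejected part rejects the whole container."""
    kind = item.get("type")
    if kind == "container":
        parts = item.get("parts")
        if not isinstance(parts, list):
            raise FilterReject("container without parts list")
        return {"type": "container",
                "parts": [decompose_and_filter(p) for p in parts]}
    leaf_filter = LEAF_FILTERS.get(kind)
    if leaf_filter is None:
        raise FilterReject(f"no filter for content type {kind!r} (default deny)")
    return {"type": kind, "data": leaf_filter(item.get("data"))}


def guard(item: dict) -> tuple:
    """Return ('ALLOW', sanitised_item) or ('DENY', reason)."""
    try:
        return "ALLOW", decompose_and_filter(item)
    except FilterReject as e:
        return "DENY", str(e)


if __name__ == "__main__":
    # Constructed sample: a nested container holding a fixed record and an image.
    bundle = {"type": "container", "parts": [
        {"type": "fixed", "data": "POSNS grid 12ABC   speed 10"},
        {"type": "container", "parts": [
            {"type": "png", "data": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32}]},
    ]}
    print(guard(bundle))
    print(guard({"type": "script", "data": "echo hi"}))   # no pathway: denied
    print(guard({"type": "fixed", "data": "STATU ok\x07"}))  # fails charset stage
```

Each pipeline stage is a separate function that only sees the previous stage's output, which is what makes the stages independently testable and auditable; the recursion never inspects a container itself, only the leaves it eventually yields, so a new container format needs only a decomposition rule rather than a new content filter.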
To separate domains, cross domain solutions incorporate a hardware-enforced network segmentation and protocol break via data diodes.
Data flows are sent between domains via one-way transfers, with a protocol termination on the send side and protocol resume on the receive side.
For bidirectional transfers, cross domain solutions can be configured to send acknowledgements and other data through a separate return path.
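A simulation of the one-way transfer with protocol break and a separate return path, added as an example; it is not code from the page or from any diode vendor. The channel class, the frame layout, the session fields and the sample session are all constructed for the example, and a real data diode enforces the one-way property in hardware rather than in software as here. The point it shows is that the inbound session is terminated on the send side, only its body is framed across the one-way link, the receive side starts a fresh session of its own, and acknowledgements travel back on a second, independent one-way channel carrying no payload.

```python
"""Added example (not from the page or any vendor): simulated one-way transfer
with protocol termination, protocol resume and a separate acknowledgement path."""
import hashlib
import struct
from collections import deque


class OneWayChannel:
    """Queue that hands out a write-only end and a read-only end (constructed)."""
    def __init__(self):
        self._q = deque()

    def sender(self):
        chan = self
        class _Tx:                       # has no read method
            def write(self, frame: bytes):
                chan._q.append(frame)
        return _Tx()

    def receiver(self):
        chan = self
        class _Rx:                       # has no write method
            def read(self):
                return chan._q.popleft() if chan._q else None
        return _Rx()


# Frame layout (constructed): seq (4 bytes) | length (4 bytes) | payload | sha256
HEADER = struct.Struct("!II")

def frame(seq: int, payload: bytes) -> bytes:
    return HEADER.pack(seq, len(payload)) + payload + hashlib.sha256(payload).digest()

def unframe(data: bytes):
    """Return (seq, payload), or raise ValueError if the frame is malformed."""
    if len(data) < HEADER.size + 32:
        raise ValueError("short frame")
    seq, length = HEADER.unpack_from(data)
    payload = data[HEADER.size:HEADER.size + length]
    digest = data[HEADER.size + length:]
    if len(payload) != length or digest != hashlib.sha256(payload).digest():
        raise ValueError("length or digest mismatch")
    return seq, payload


def low_side_terminate(session: dict) -> bytes:
    """Protocol termination: only the body survives; headers, cookies and the
    peer address of the inbound session stay on the low side."""
    return session["body"]


def high_side_resume(payload: bytes, destination: str) -> dict:
    """Protocol resume: a brand-new session is originated on the high side."""
    return {"to": destination, "body": payload}


def transfer(sessions, forward: OneWayChannel, back: OneWayChannel, destination: str):
    """Push each session through the diode; return (delivered sessions, acks)."""
    tx, rx = forward.sender(), forward.receiver()
    ack_tx, ack_rx = back.sender(), back.receiver()
    for seq, sess in enumerate(sessions):
        tx.write(frame(seq, low_side_terminate(sess)))
    delivered, expected = [], 0
    while (f := rx.read()) is not None:
        try:
            seq, payload = unframe(f)
        except ValueError:
            continue                     # corrupt frame: dropped, never acked
        if seq != expected:
            continue                     # out of sequence: dropped
        delivered.append(high_side_resume(payload, destination))
        ack_tx.write(HEADER.pack(seq, 0))  # ack carries a sequence number only
        expected += 1
    acks = [HEADER.unpack(a)[0] for a in iter(ack_rx.read, None)]
    return delivered, acks


if __name__ == "__main__":
    # Constructed inbound session as the low-side proxy would see it.
    inbound = [{"src": "10.0.0.5:51234", "headers": {"Cookie": "session=abc"},
                "body": b"status report: all systems nominal"}]
    delivered, acks = transfer(inbound, OneWayChannel(), OneWayChannel(), "high-side-app")
    print(delivered)   # body only, in a new session; no src, no headers
    print(acks)        # [0]
```

Because the send side holds only a write handle on the forward channel and only a read handle on the return channel, no code path exists for high-side data to reach the low side; a corrupted or out-of-sequence frame is simply never acknowledged, which is what lets the low side detect loss without any response from the high side's protocol stack.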
As mentioned earlier, here are five ways cross domain solutions are securely constructed.
Cross domain solutions are a relatively inexpensive method of security and information assurance that provide unprecedented levels of speed, security, and flexibility to a variety of use cases outside of cybersecurity. These include:
At Trenton, our high-performance computing solutions are able to operate as cross domain solutions, ensuring data is securely stored, transferred, and shared between networks of varying security levels, all done on the same piece of hardware.
This helps to reduce costs, increase efficiency, and enhance security across the modern, multi-domain battlespace.
Additionally, we equip our systems with advanced, multi-layer cybersecurity technologies, protecting data at rest, in transit, and in use across the hardware, firmware, software, and network stack.
In partnership with tech giants like Intel® and NVIDIA®, our solutions support the latest processing and networking technologies, enhancing data transfer rates, AI/ML/DL workloads, and connectivity at the edge.
Since data often needs to be shared between domains of different security levels, it is vital that information being transferred to and from domains is kept fully secured from unauthorized access.
Even the smallest data breach can result in life-threatening consequences, especially within a military environment where data needs to be accessed, moved, and stored within a matter of seconds.
In addition, keeping data of different classification levels on different pieces of hardware poses problems by increasing costs and depriving government, military, and intelligence personnel of the key insights needed to make quick decisions in real time.
Cross domain solutions help to address all of these problems by providing secure, rapid, and flexible bidirectional data transfer on a single piece of hardware.
Operating within a variety of use cases to maximize performance and data protection, cross domain solutions are a vital component of the increasingly advanced, virtualized, and interconnected technological ecosystem.