Cross-Domain RSS Processor and Router

Award Information

Department of Defense
Award ID:
Program Year/Program:
2006 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
1199 Falls View Court Saint Paul, MN 55118-
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2006
Title: Cross-Domain RSS Processor and Router
Agency / Branch: DOD / NAVY
Contract: N00039-06-C-0097
Award Amount: $69,999.00


A MILS (multiple independent levels of security) architecture is proposed for a cross-domain routing system. Research is required to determine if a low-assurance encryption protocol implementation can feasibly deliver messages while assuring system-wide message integrity. One objective is to avoid reinventing a proven standard key management and encryption protocol, TLS (transport layer security), or certifying the protocol implementation with high assurance. By extending the TLS protocol in a standard way, digital signatures can be added to the protocol. Next, a MILS application-level reference monitor (ALRM) can assure message integrity using the new digital signatures before allowing the routing subsystem to process the message. Following this pattern, TLS can be extended a second time to add a routing instructions block to the protocol. These routing instructions can in turn have integrity assured by a similar combination of digital signature and MILS ALRM. Further utilization of a MILS separation kernel could yield a highly assured cross-domain routing system capable of read-down and write-up. Use of the protocol extensions enables routing at granular sensitivity levels. An example use of such a system is proposed for future implementation: RSS summaries of C2ISR data feeds could be obtained across domains.

BENEFITS: Obtaining EAL6 assurance for a router that securely enables granular cross-domain messaging will enable a new paradigm for secure communications. In military contexts, granular separation controls could reduce communications inefficiencies caused by strong separation of classification or sensitivity levels. In business contexts, a highly assured router that can be effectively controlled by policy or legal contracts can enable higher value and more efficient and convenient business transactions. Businesses benefit from the ability to expose valuable services over the Internet to selected partners, who in turn may control access to selected employees. Cost savings compound due to several operational efficiencies and reduced security costs and risks surrounding the system's deployment.

Principal Investigator:

Mark Brown
Chief Technology Officer

Business Contact:

Michael Murphy
Chief Executive Officer
Small Business Information at Submission:

2019 Palace Avenue Saint Paul, MN 55105

EIN/Tax ID: 202417774
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No