Cross-Domain Document-Based Collaboration in a Multi-Level-Secure Environment

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N00039-06-C-0099
Agency Tracking Number: N051-085-1002
Amount: $1,545,390.00
Phase: Phase II
Program: SBIR
Awards Year: 2006
Solitcitation Year: 2005
Solitcitation Topic Code: N05-085
Solitcitation Number: 2005.1
Small Business Information
GALOIS CONNECTIONS, INC.
12725 SW Millikan Way Suite 290, Beaverton, OR, 97005
Duns: 098009918
Hubzone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 John Launchbury
 CEO and President
 (503) 626-6616
 john@galois.com
Business Contact
 David Hardman
Title: Executive Vice President
Phone: (503) 626-6616
Email: daveh@galois.com
Research Institution
N/A
Abstract
Our method of enabling cross-domain collaboration allows documents whose contents have a mixture of sensitivity levels to be viewed and edited by users with differing clearance levels, while maintaining the requisite security constraints. In particular, we've identified the following key technical requirements: *Multi-level documents: single documents may contain multiple sections of varying classification and compartmentalization. *Secrecy: users may view sections of documents only if they have clearance. *Editing: users may load, edit, and save a document without knowledge of, or disturbing sections of the document for which they lack sufficient clearance or approval. *High assurance: the solution must be built with high assurance, with a target evaluation of EAL6. To accomplish these goals, we propose to develop a trusted document server (DocServer) to mediate the connection between a user's workstation and files to which he has access. As far as the user is concerned, his workstation connects to a single "virtual" combined file and web server from which he may browse, open, edit and save documents. The DocServer will allow documents stored on the web/file server to contain regions of varying sensitivity levels. For example, a document may begin and end with low sensitivity text, but contain an inset of high sensitivity. BENEFITS: The need for secure information sharing of multi-level documents is quite extensive throughout government. Currently the U.S. Government has several million individual security clearances outstanding, and is producing tens of millions of new classified documents each year. Further, we are in the midst of a major transformation from strongly hierarchical organizations with vertical command, control and communications structures, to one where missions are executed by largely autonomous coalitions of nations/agencies/departments. This shift is happening not only in how we fight traditional wars, but how we coordinate Homeland defenses and wage the war on global terrorism. Potential users therefore, include the DoD, DHS, intelligence agencies, State and Treasury Departments, plus local governments. We also anticipate demand for this technology outside of the government in industry and private applications. Here we see a gradual strengthening of “infosec” practices to deal with privacy and security concerns which will mandate use of higher assurance technologies as they are shown practical and effective, especially in areas of health care and financial data.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government