Cross-Domain RSS Processor and Router

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N00039-06-C-0097
Agency Tracking Number: N061-089-1292
Amount: $99,999.00
Phase: Phase I
Program: SBIR
Awards Year: 2006
Solicitation Year: 2006
Solicitation Topic Code: N06-089
Solicitation Number: 2006.1
Small Business Information
2019 Palace Avenue, Saint Paul, MN, 55105
DUNS: 361885069
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Mark Brown
 Chief Technology Officer
 (651) 204-3372
Business Contact
 Michael Murphy
Title: Chief Executive Officer
Phone: (612) 636-8923
Research Institution
A MILS (multiple independent levels of security) architecture is proposed for a cross-domain routing system. Research is required to determine whether a low-assurance encryption protocol implementation can feasibly deliver messages while assuring system-wide message integrity. One objective is to avoid reinventing a proven standard key management and encryption protocol, TLS (Transport Layer Security), or certifying the protocol implementation with high assurance. By extending the TLS protocol in a standard way, digital signatures can be added to the protocol. Next, a MILS application-level reference monitor (ALRM) can assure message integrity using the new digital signatures before allowing the routing subsystem to process the message. Following this pattern, TLS can be extended a second time to add a routing instructions block to the protocol. These routing instructions can in turn have their integrity assured by a similar combination of digital signature and MILS ALRM. Further utilization of a MILS separation kernel could yield a highly assured cross-domain routing system capable of read-down and write-up. Use of the protocol extensions enables routing at granular sensitivity levels. An example use of such a system is proposed for future implementation: RSS summaries of C2ISR data feeds could be obtained across domains.
BENEFITS: Obtaining EAL6 assurance for a router that can securely enable granular cross-domain messaging will enable a new paradigm for secure communications. In military contexts, granular separation controls could reduce communications inefficiencies caused by strong separation of classification or sensitivity levels. In business contexts, a highly assured router that can be effectively controlled by policy or legal contracts can enable higher value and more efficient and convenient business transactions.
Businesses benefit from the ability to expose valuable services over the Internet to selected partners, who in turn may control access to selected employees. Cost savings compound due to several operational efficiencies and reduced security costs and risks surrounding the system’s deployment.

* Information listed above is at the time of submission. *
