Cross-Domain RSS Processor and Router

Award Information
Department of Defense
Award Year:
Phase I
Award Id:
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
2019 Palace Avenue, Saint Paul, MN, 55105
Hubzone Owned:
Minority Owned:
Woman Owned:
Principal Investigator:
Mark Brown
Chief Technology Officer
(651) 204-3372
Business Contact:
Michael Murphy
Chief Executive Officer
(612) 636-8923
Research Institution:
A MILS (multiple independent levels of security) architecture is proposed for a cross-domain routing system. Research is required to determine whether a low-assurance encryption protocol implementation can feasibly deliver messages while assuring system-wide message integrity. One objective is to avoid reinventing a proven standard key management and encryption protocol, TLS (transport layer security), or certifying the protocol implementation with high assurance. By extending the TLS protocol in a standard way, digital signatures can be added to the protocol. Next, a MILS application-level reference monitor (ALRM) can assure message integrity using the new digital signatures before allowing the routing subsystem to process the message. Following this pattern, TLS can be extended a second time to add a routing instructions block to the protocol. These routing instructions can in turn have their integrity assured by a similar combination of digital signature and MILS ALRM. Further utilization of a MILS separation kernel could yield a highly assured cross-domain routing system capable of read-down and write-up. Use of the protocol extensions enables routing at granular sensitivity levels. An example use of such a system is proposed for future implementation: RSS summaries of C2ISR data feeds could be obtained across domains.

BENEFITS: Obtaining EAL6 assurance for a router that can securely enable granular cross-domain messaging will enable a new paradigm for secure communications. In military contexts, granular separation controls could reduce communications inefficiencies caused by strong separation of classification or sensitivity levels. In business contexts, a highly assured router that can be effectively controlled by policy or legal contracts can enable higher-value, more efficient and more convenient business transactions. Businesses benefit from the ability to expose valuable services over the Internet to selected partners, who in turn may control access to selected employees. Cost savings compound due to several operational efficiencies and reduced security costs and risks surrounding the system's deployment.

* information listed above is at the time of submission.
