|
Cross-Domain Document-Based Collaboration in a Multi-Level-Secure Environment
Navy SBIR FY2005.1
| Sol No.: |
Navy SBIR FY2005.1 |
| Topic No.: |
N05-085 |
| Topic Title: |
Cross-Domain Document-Based Collaboration in a Multi-Level-Secure Environment |
| Proposal No.: |
N051-085-1002 |
| Firm: |
Galois Connections Inc.
12725 SW Millikan Way
Suite 290
Beaverton, Oregon 97005-1691 |
| Contact: |
Laura McKinney |
| Phone: |
(503) 626-6616 |
| Web Site: |
www.galois.com |
| Abstract: |
Galois proposes to develop a trusted document server (DocServer) to mediate the connection between a user's workstation and files to which they have access. Users will connect to a single "virtual" combined file and web server from which they may browse, open, edit and save documents, using COTS editors (like Word 2003). The DocServer will allow XML documents stored on the file/web server to contain regions marked with varying sensitivity level annotations. The DocServer will provide a secure execution environment and safe access to multi-level document storage, and will mediate between user workstations and the multi-level document storage, ensuring that multiple users can collaborate safely and securely on documents with information annotated to multiple levels of security. The DocServer will also support a restricted form of XSLT, for imposing clearance-level specific views upon documents. The DocServer will be built within the Trusted Services Engine (TSE) platform, a GOTS open source cross-domain file/web server currently under development for the US Navy. The TSE is based around the MILS architectural concept and targets EAL6 evaluation. As the TSE is compatible with the GIG roadmap, the DocServer will be capable of smooth transition from multiple separate networks to a Black Core network. |
| Benefits: |
The need for secure access and collaboration over multi-level documents is ubiquitous in the DoD and indeed exists throughout the government (in, for example, the DHS, the various intelligence agencies, and the State and Treasury departments). The DocServer would not only increase the productivity of these users but would do so securely. There is also significant potential in the private sector, driven by privacy concerns (in the banking and health industries) and the need to protect intellectual property and trade secrets. Recent legislation mandates stricter security policies and mechanisms. The DocServer could easily be adapted to suit commercial needs for secure access and collaboration of multi-level documents. |
Return
|