To enable enterprise organizations to interchange data they need a solution that provides for collaboration on multiple security domains in a unified portal.
The term used to describe this solution is called a Cross Domain Solution (CDS). A CDS is a term that provides the ability to manually and/or automatically access and/or transfer information between different security domains. What started out as an initiative to implement a multiple security domain accessible solution within the Department of Defense Intelligence Information System (DoDIIS) Community has since become a “must have” for next generation organizations requiring architecture flexibility meeting business compartmentalization requirements at a reduced cost.
A CDS uses a Zero client (also known as thin client) to provide seamless access (secured portal) to all available data on a single desktop, regardless of the network on which the data resides. It allows authorized users, through the use of Role Base Access Control (RBAC), the ability to move data between security domains. A CDS is designed to integrate into a enterprise existing infrastructure, taking full advantage of resources already in place, such as printers, network storage, and terminal services to name a few.
The benefits of implementing an CDS into an organizations architecture includes: maximizing productivity; minimizing cost; access to multiple security domains; scalability and flexibility; minimizing the carbon footprint to a desktop, and secure data transfer capability.
To obtain a CDS within your organization it must go through and CDS authorization process which is inclusive of a site assessment. This is multi-step process and in-depth understanding of your business requirements; personnel requiring access; current infrastructure; and information transfer requirements. If approved your organization is then cleared to implement the CDS. Note that implementation does not allow for the CDS to touch any security domains. It only allows for the “construction” to take place.
If the CDS is being implemented for DoD and Federal government, the Cross Domain Solution Authorization (CDSA), if granted, will allow for operational use but not network connection to security domains. Once the security test and evaluation (ST&E) is completed, the organization will then apply for an authority to operate (ATO) for each security domain requiring access. Once all testing and evaluation results have been compiled the Defense IA/Security Accreditation Working Group (DSAWG) will approve an ATO for your CDS, which then allows connection to the security domains.
If the CDS is being implemented for commercial organizations, the organizations cyber security or information assurance professional will allow for operational use but not network connection to secure or protected domains. Once the penetration testing and evaluation is completed, the organization will then cleared by these professionals for operations.
Once connected to the networks (security domains), an organization’s site security officer (SSO) and/or information assurance (IA) officer must maintain auditing and security requirements. In addition, administration and maintenance must take place at the organizational level.
About Timitron Corporation:
Timitron Corporation(SBA 8(a)/SDB/HUB Zone, SDVOSB, VOSB, DBE, MBE, ACDBE, SWaM, and Micro-Business Certified) consulting firm has over 20+ years of successful military, industry, and engineering experience. The services that Timitron Corporation offers combine demonstrated industry experience and expertise employing proven integration and project management methodologies to deliver solutions that meets our customers’ requirements.
The mission of Timitron Corporation is to provide innovative solutions to our clients that require superior quality, adherence to schedule, and managed costs.
For more information, please visit www.timitron.comor contact us by email at [email protected] by phone at 877-398-3877.
