Cross Domain Solutions
BAC's engineers conducted a study for the client to identify and assess automated one-way transfer solutions capable of securely moving data from a lower level security domain to a higher security domain. Our engineers then deployed the system for the client.
Cross Domain Solutions can be broadly classified into access solutions and transfer solutions. The former enable users to go through information and resources scattered in multi-domains using a single workstation, whereas the latter facilitates information movement across the domains.
- Data confidentiality: Assurance regarding non-disclosure of sensitive information to unauthorized and malicious processes, users and devices. - One-Way Transfer
- Data integrity: Information is safeguarded against non-legitimate alteration or destruction. – Content Management
- Data availability: Authorized users can timely access data and information services reliably. – Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC)
Our engineers have over 15 years of experience developing solutions that enable secure, reliable information exchange between networks. Our engineers have deep subject matter expertise in the area of information security and certification and accreditation processes. Coordinating with security and CIO offices, our engineers ensure systems are built, tested and delivered according to the client’s security requirements. Our understanding of the security policies and guidelines governing IT system design, development and implementation within the IC makes our experts valuable assets to every project.
- Conduct systems engineering, integration and testing services in the areas of firewalls, secure routers, VPNs, anti-virus tools, digital signatures, and all protocol content filters.
- Develop approved CI baselines by working closely with Security to ensure systems are designed, built, tested, and delivered in accordance with applicable security requirements.
- Identify new vulnerabilities in security systems as well as areas of concern related to operational or proposed implementations.
- Perform assessments and evaluations of COTS Information Security solutions to ensure our customers' systems, networks, and data are protected against unauthorized access.
- Complete solution assessments and provide feedback describing available options, associated risks, and recommended solutions.