Cross-Domain Data Way Station

When data is sent from one security domain to another, many tasks must be performed to ensure that the information security requirements of all stakeholders on both sides are met. Additional steps may transform the data to reconcile formatting and semantic conflicts between domains. Finally, a decision must be made to release the data, and, by the recipient, to accept it.

Provenance and history are important aspects of data in such settings, especially when relying on the data for critical decision making. Until recently, provenance and history were recorded only imperfectly within documents themselves, and implicitly in the information systems that handled and stored them. Recognizing the significance of such "meta" information in decision making, ATC-NY has developed technology, as part of the AFRL-sponsored Pedigree Management and Assessment Framework (PMAF) and Metadata Security Assertion Framework and Evaluation system (MetaSAFE) efforts, to record pedigree-critical provenance information-precisely and explicitly as metadata, and to bind that metadata to its subject data. Clearly, the value of data will be impaired if its pedigree is stripped away when it crosses between security domains.

It is important that some aspects of pedigree should be visible across domain boundaries, in a manner consistent with security policies. Pedigrees can also assist in the mechanics of a powerful and flexible data release mechanism.

To achieve the full benefits of explicit pedigrees in multi-domain information systems, ATC-NY and Architecture Technology Corporation are developing the Cross-Domain Data Way Station, a suite of tools that can be used on both sides of a domain boundary to enhance the data release process, and to enable cross-domain pedigree visibility.