Improving Inter-Enclave Information Flow for a Secure Strike Planning Application

Abstract

DoD operates many system high enclaves with limited information flow between enclaves at different security levels. Too often, the result is duplication of operations and inconsistent and untimely data at different sites, which reduces the effectiveness of DoD decision support systems. This paper describes our solution to this problem as it arises in installations of the Joint Maritime Command Information System (JMCIS), an integrated C4I system. Our approach views databases in more classified enclaves as potential replica sites for data from less classified enclaves. Replicated data flows from lower enclaves to higher ones via one-way connections, yielding a high assurance MLS (multi-level secure) distributed system. The one-way connections are the only trusted components. This approach is based on our work on SINTRA (Secure Information Through Replicated Architecture), and applies generally to any collection of systems each running a database at system high. It complements and exploi..