Defense software and security companies have weighed in on how to use cross-domain products that use virtualization technology in cloud computing environments, according to a KMI Media Group report published July 19.
Peter Buxbaum writes there is agreement on the need for technology that can merge information from disparate data repositories that have different types of security clearances.
Several companies have begun moving towards addressing this need amid growing adoption of new computing platforms by defense and intelligence agencies.
Mitch Parker, client virtualization group vice president at Citrix, suggested to KMI that users adopt remote desktop architectures.
“By hosting each virtual desktop in the data center, isolated from other domains, users are given access (to) the information and applications they need with incredible degrees of control,” Parker said.
Steve Bean, a program manager at Lockheed Martin Trusted Security Solutions, told KMI the government has yet to approve a cross-domain tool that can penetrate different cloud platforms.
“Where we want to go is to provide cloud services through which a user can call a service to downgrade a piece of data and allow the user to see all data from his security level and down,” Bean said.
Colin Robbins, technical director at Nexor, said adoption of cross-domain tools might take some time after the government approves the technology because the government perceives highly classified information as less secure in a cloud environment.
“As you go to the higher end you won’t see much change in how cross-domain solutions are implemented. At the higher levels of classification, there is a reluctance to accept the risks associated with going to cloud solutions.”
George Kamis, chief technology officer at Raytheon Trusted Computer Solutions, outlined the importance of having a trusted, multilevel operating system.
“We take this core technology, in our case the Linux server operating system, along with other security mechanisms, to lock down the system in such a way that information sharing can be done only by the trusted processor,” Kamis said.
“We look at the data, inspect it, and perform file checks and other inspections before allowing data to transverse the two different security levels,” he added.