SBIR-STTR Award

Using Phase I SBIR funding, MAXIM Systems will deliver a working prototype of the Trusted Application Layer Interface (TALI) for a Trusted Operating System (TOS). This will be done through further development of components already available at MAXIM that were created through past internal R&D efforts. The MAXIM technology will allow most any network or Web-based application that is otherwise not ‘multilevel security (MLS) aware’ to seamlessly access a multilevel secure data store. This component will allow standard JDBC/ODBC and XML protocols to be used with the TALI data broker, which will provide the MLS capability. The technology itself will be generalized to allow use among and between different data driven applications and data sources. The prototype will also contain a Plug-in architecture back-end, allowing use of disparate data stores with these integrated applications. A Plug-in for an MLS-aware Oracle database will be provided with the system prototype to demonstrate this functionality. Benefits Creation of the MAXIM Trusted Application Layer Interface (TALI) will allow most any network or Web-based application to securely access multilevel data stores, even while running on a system that is not multilevel aware. It permits more simplified operation of a Trusted Operating System (TOS) with the ability to integrate proprietary and legacy applications; all without compromise to the security functions of the system. For military coalition forces, this means each group will be able to integrate their own custom programs while still selectively sharing sensitive data, such as intelligence information. In Homeland Defense, inter-agency and interstate data could be selectively shared in the same way. For the commercial world, e-Commerce, Financial Services, and the Healthcare industry would benefit greatly from the ability to make better use of TOS technology to protect customer data. Internet-based infrastructure and content businesses such as Internet Service Providers, Application Service Providers, Hosting Services, and Certificate Authorities would also gain substantially from this technology. With simplified application porting, these organizations can better utilize the TOS to provide data integrity assurance and high uptime through enhanced protection against system intrusions. Keywords Open Interface Standard, ODBC/JDBC, XML, Secure Data Integration, Trusted Operating System, Plug-in Architecture, Common Criteria Certifiable, Multilevel Security

Building from the success of the Phase I SBIR grant, MAXIM Systems will use Phase II funding to expand the Trusted Application Layer Interface (TALI) prototype into a fully functional system for commercialization in Trusted Operating Systems (TOS). The existing technology demonstrates the ability of non-multilevel security (MLS) aware applications to securely access a multilevel Oracle Label Security database though the TALI. Phase II funding will extend this capability through modifications to the architecture, permitting access to multiple security level data sources. MAXIM will also create a “Plug-in for plug-ins” middleware component that greatly simplifies re-use of common data structures in this environment, and a comprehensive Plug-in Developer Guide. Other Base funding work will include architecture access protocol compliance work, testing of cross-TOS compatibility, and feasibility studies for incorporation of the TALI into two different DoD programs. MAXIM will also use Base funding to create a SOAP/XML Homeland Security/ Homeland Defense demonstration with the framework. Option funding will be used to develop a plug-in for the eXtensible Tactical C4I Framework (XTCF) project and provide Defense Information Technology Security Certification and Accreditation Process (DITSCAP) documentation. This latter task will allow widespread use of the TALI technology throughout the DoD/ government community.

Keywords:
Java Interface, SOAP/XML, Secure Data Integration, Trusted Operating System, Plug-in Architecture, Multilevel Security, Multiple Security Level, Netwo