Transfer of data from one security or administrative domain to another is referred to as a Cross Domain Solution (CDS). As information networks become more integral to immediate decisions, the tried and true method of manual inspection of all information crossing security boundaries becomes ineffective. The proposal being put forth outlines an effective automated mechanism which combines a hardware appliance with implanted software guards to protect both the sending and receiving domain from data contamination. Two major concepts are to be explored within this research effort. The first concept creates specific software protocols that will be used in support of generic cross-domain solutions. The second concept focuses on practical methods to determine if the protocols created are operationally correct, and most importantly that the developed mechanisms are immune to covert channel vulnerabilities. These concepts will work in concert with the proposed hardware to create a technology solution that addresses this important need while meeting NSA information assurance requirements.
