Autonomic Resilient CDS

Agile mission execution in cyberspace involving the US and its coalition partners demands dynamically changing information sharing policies enforced by Cross Domain Solutions (CDSs). Reconfiguration needs to happen at a sub-second timescale to effectively face the velocity of constantly changing and propagating cyber threats. In contrast, current state-of-the-art approaches to CDS remote management require manual selection of policies by administrators from a long list of potential choices, therefore limiting responsiveness to human time scales and limiting scalability to the number of selectable items that administrators can handle.

The objective of the Autonomic Resilient CDS (ARC) effort is to design and implement a service-oriented capability for enabling next generation CDSs to achieve a significant increase in resiliency and agility by virtue of automatically adapting CDS policies based on risk/urgency tradeoffs. Using ARC, Authorizing Officials (AOs) will be able to approve and sign the anticipatory adaptation logic used in specific contexts and delegate execution to trusted platforms that either autonomously reconfigure CDSs or provide suggestions to administrators.

If successful, the resulting capability will enable an autonomic and resilient CDS capability that automates policy selection to dynamically maintain a minimum privilege information sharing policy across multiple domains. ARC enables deconfliction of choice between policy bundles, removal of unneeded privileges, and adjustment of policies at scale in response to evolving information sharing demands and newly discovered exploits within sub-second latencies. Specifically, ARC will implement services that