Cross-Boundary Device for Secure and Intelligent Information Transfer
SPROCKET is a cross-boundary device that enables secure and intelligent information transfer. It validates and passes data unidirectionally between different information domains and ensures that attacks between the domains cannot be performed through the act of sharing. SPROCKET uses multi-tiered intelligent data analysis for controlling content authorization across user groups and information classification, allowing organizations to control data distribution based on what the publisher wants to share, what the subscriber wants to consume, and what the organization will restrict. Multi-tiered intelligent analysis enables a single set of data to be shared between partners with different levels of authorization with controls that ensures users from different departments/organizations are securely accessing ONLY the portion of data necessary to complete their mission. The solution uses NSA developed technologies to securely provide both real time and stored information access control between different information domains. The solution can be utilized as a virtual appliance in standard environments, hardened systems, or integrated into cloud based strategies to share many types of information using its virtual adapter and verified plug-in architecture. Modular virtual adapter architecture allows for an extensive interfacing with different data sources and internal plug-in architecture provides flexible functionality and performance requirements.
Intelligent Data Sharing
Multi-tiered Information Control
- A cross boundary device that provides the capability to securely access or transfer information across different information domains.
- Uses intelligent data analysis for controlling content authorization across user groups and information classification.
- Offers multi-tiered intelligent information control based on department and organization policies to enable a single set of data to be shared securely accessing only the portion of data necessary to complete their mission.
- Only solution that incorporates multi-tiered sharing policy rules from the publisher, subscriber and the organization with an easy to use data model based interface.
Trusted Separation Technologies and NIAP-Certified
- Uses Common Criteria evaluated mandatory access controls and type enforcement mechanisms to ensure that sharing domains cannot use SPROCKET as a gateway into other domains.
- Uses the underlying separation technologies of DoD guard systems yet provides flexibility equivalent to commercial gateway systems.
- Hardened inner core separates SPROCKET into zones of operation to ensure any activity in one information domain cannot adversely affect any other domain. Communication between these domains are strictly restricted by using one way transfers to ensure that no information can be inadvertently or maliciously exchanged through covert channels.
Cryptographically Binds Validation Process
- Only solution that cryptographically binds the validation process to ensure that all expected filtering is performed before the information is released into another information domain.
Reduced Deployment Risk
Proven Components and Technologies
- Uses components that have successfully completed independent government evaluations and have a history in successful deployment accreditations.
- Uses NSA-developed open sources technologies to supplement the capabilities for security critical components that do not yet have independent government evaluation.
- Referentia is one of the few companies who have experience in accreditation of systems in the cross domain environment. This experience can be leveraged to deploy SPROCKET in DoD and critical infrastructure environments.
Works in Virtual or Cloud Environments
- Can be utilized as a virtual appliance in standard environments or integrated into cloud based strategies to share many types of information using its virtual adapter and verified plug-in architecture.
Highly Scalable and Compatible
- Open architecture approach allows tailoring to an organization’s specific environment and grows with the organization as the data sources change.
- Only solution that utilizes open virtual adapter architecture to integrate new data sources without affecting the security of the system for interoperability and uses an extensible verified plug-in architecture that allows the system to scale as needed to handle different types and amount of traffic.