Within industry, military, government and other sensitive systems, data is often shared across networks with different security requirements. To properly ensure the confidentiality and integrity of this information and to prevent data spills and classified network attacks, it is critical to rely on the protection provided by what is known as cross-domain solutions.

What is a cross-domain solution?

A cross-domain solution (CDS) in security refers to a system or technology that allows for the secure transfer of information between different security domains, enabling data sharing between networks with varying levels of classification while preventing unauthorized access or data spills between them. Information sharing must be done securely to maintain the necessary data characteristics of confidentiality, integrity and availability to deliver the right information to the right people at the right time.

History of cross-domain solutions

Cross-domain solutions were first pushed by the U.S. government in the wake of Sept. 11, 2001, after it was determined that the attacks may have been prevented if intelligence officials had had an effective and efficient way to share information, including connecting intelligence data on disparate systems. This led to the founding in 2006 of what is now called the National Cross Domain Strategy and Management Office (NCDSMO).

Under the authority of the NSA Director, the NCDSMO serves as the principal advisor for National Security System (NSS) owners regarding cross-domain capabilities. These responsibilities include overseeing all CDS operations across the government, developing community outreach programs and forums, and improving all security solutions, remote management and monitoring, cyber defense, filtering requirements, and standards and technologies related to CDS. It also operates the government’s CDS security testing program to ensure uniform and comprehensive testing.

However, the value of CDS is not limited to just government organizations. The use cases and need for it in the financial sector have continued to increase as devices, networks and organizations become more and more connected via wireless technology, software applications and other technological advancements. CDSs help the financial services sector and their customers to:

• Securely process transactions between internal and external accounts and systems without allowing additional access to other data
• Maintain compliance with strict regulatory rules regarding the sharing of data across different networks and the confidentiality and integrity of the data from both persons and businesses 
• Keep data private by ensuring it is only accessed by approved parties and transferred in a secure and controlled manner 
• Prevent fraudulent transactions or transfers by integrating data from customer transaction records and profiles to detect possible unapproved activities
• Connect the data of different departments, such as banking and credit departments, to better understand the overall risks of lending situations

Types of cross-domain solutions

There are three types of CDSs according to Department of Defense Instruction (DoDI) 8540.01 — access, transfer and multilevel solutions — and all must be included in the cross-domain baseline list before Department of Defense (DOD)-specific site implementations.

Access solution: Provides access to a computing platform, application or data residing on different security domains from a single device without any transfer between the various domains

Transfer solution: Facilitates the movement of data between information systems operating in different security domains

Multilevel solution (MLS): Stores data in multiple security domains at varied security levels and allows users to access data at the appropriate security level

Access and transfer solutions rely on multiple security levels approaches that maintain the separation of domains; this architecture is considered multiple single-level (MSL). A multilevel, or MLS, solution differs from a MSL architecture by storing all data in a single domain. The MLS solution uses trusted labeling and integrated mandatory access control (MAC) schema as a basis to mediate data flow and access according to user credentials and clearance to authenticate read/write privileges. In this manner, an MLS is considered an all-in-one CDS, encompassing both access and data transfer capabilities.

​​​​​Key features of a cross-domain solution

A cross-domain solution uses specialized integrated software-hardware systems to filter and sanitize data before transferring it between domains, often employing strict access controls and data transformation techniques. A CDS will use cryptography and MAC mechanisms to isolate different networks and data flows to ensure compliance with security and releasability policies and to reduce the risk of attack from embedded content.

Data filtering: Only authorized data is allowed to be transferred between domains

One-way data flow (data diodes): In some cases, data can only travel in one direction to prevent unauthorized data spills

User authentication and access control: Strict user authentication and authorization mechanisms limit who can access cross-domain functionality

Auditing and logging: Detailed records of data transfers for monitoring and compliance purposes 

Where are cross-domain solutions used?

The purpose of a cross-domain solution is to provide various applications with secure ways to share essential information in a timely manner while minimizing risk of information exposure. This means CDSs are applicable to a variety of organizations and industries, including:

• Government agencies sharing classified information across different security levels
• Defense operations where data needs to be shared between different command centers or deployed at the tactical edge to meet mission-specific needs
• Critical infrastructure networks with varying security requirements
• Enterprise data centers with many different networks and security enclaves, each with a different classification and/or releasability
• Other applications such as intelligence agencies, corporate security and law enforcement/public safety organizations

Raise-the-Bar (RTB) cross-domain solution requirements for national security

Only CDSs that meet National Security Agency (NSA) and NCDSMO Raise-the-Bar (RTB) cybersecurity guidelines can be considered for national security use, including by U.S. intelligence agencies and the U.S. DOD. The NSA oversees the development and implementation of CDSs through its NCDSMO.

RTB is a strategy for improving CDS security and capabilities from a design, development, assessment, implementation and use perspective. First published in 2018, RTB standards are a set of security guidelines and requirements for CDSs deployed by the U.S. government to protect national security systems. On January 19, 2022, the White House issued National Security Memorandum 8 (NSM-8), which included a requirement for all agencies operating a CDS connected to a national security system to report on progress toward meeting RTB, as well as any funding obstacles that prevent RTB compliance. Key points in RTB requirements include:

Focus on CDS security: RTB primarily focuses on enhancing the security of CDSs, which are critical for secure data transfer between networks with different classification levels.

Strict design standards: The RTB standards define strict design principles for CDS systems, including requirements for data filtering, access controls and system architecture to prevent unauthorized data leakage.

“RAIN” concept: A central tenet of RTB is the “RAIN” principle (redundant, always invoked, independent implementations and non-bypassable), which ensures robust security mechanisms that cannot be easily circumvented.

Vendor compliance: Vendors selling CDS systems to government agencies must comply with RTB standards, often requiring rigorous testing and evaluation to demonstrate their system’s security capabilities.

Evolving threat landscape: RTB standards are designed to be adaptable and regularly updated to address emerging threats and technologies in the cybersecurity landscape.

The role of CDS in securing data and preventing tampering

Cross-domain solutions prevent adversaries from gaining access to critical systems and information. Learn about the role they play in secure data management and why integrated security is needed to prevent adversaries from tampering with or altering CDS systems.

Agile cross-domain solutions ensure Top Secret, Secret and unclassified information can be securely shared between forces, and are critical to the military’s Joint All-Domain Command and Control (JADC2) strategy.