Podcast | Aussie-bred network security technology earns click of approval

Can the Cross Domain Desktop Compositor streamline workflow without compromising security and usability?

Transcript

[Music plays and fades]

Alison Caldwell: Hi, I'm Alison Caldwell with another podcast from Defence Science and Technology.

Alison Caldwell: In today’s podcast we look at how Worlds-first computer technology from DST and the CSIRO’s Data61 is generating global interest for its universal potential. The Cross-Domain Desktop Compositor allows access to multiple computer networks through a single screen, streamlining workflow without compromising security or usability.

Alison Caldwell: Hmmm, I think you’ve got a virus… Hearing those words from your doctor is worrying enough. Hearing them from your computer technician can leave you feeling very sick indeed.

Has my bank account been cleaned out? Confidential work documents stolen? Personal information lost forever down some black hole in cyberspace?

Welcome to the digital reality of the 21st century, where a nasty (and costly) cyberattack could be as close as clicking on an innocuous-looking email or URL.

For defence and other government agencies, those fears are vastly magnified.

Australia’s defence personnel constantly access, update, or transfer highly sensitive classified information, regularly operating on several networks at once. Hopping from keyboard to keyboard, screen to screen is time consuming and often results in information being overclassified or unnecessarily downgraded.

However, Australian research has led to a ground-breaking innovation that allows users to access several applications running on different networks at the same time through a single screen.

Called the Cross Domain Desktop Compositor – or CDDC – it’s the brainchild of computer scientists from DST and the CSIRO’s Data61 Trustworthy Systems team.

Until now, accessing multiple networks at once required a trade-off between security and usability. Either access was sacrificed for stronger security, or security protocols were relaxed for the sake of easier access.

And, despite steep rises in the cost of operating and maintaining secure closed networks, there’s been no corresponding increase in workplace productivity that should have come if the information and services within them could have been better integrated.

Previously, users working across several networks at once had two options to access data.

The first was to access each network separately using a dedicated screen, mouse and keyboard. It was as slow and tedious as it sounds.

Then, along came the keyboard-video-mouse switch – or KVM switch. While it was a step forward, the KVM still did not provide the rapid, fully integrated single screen interface users dreamed of.

Enter, the CDDC. A simpler drop-in plug-and-play device, it supersedes the KVM and offers a more seamless experience by providing simultaneous access to applications from multiple networks on a single screen.

The CDDC allows the networks to be treated as if they were part of a single desktop, although only one network is able to receive input from the keyboard and mouse at any one time. Users can copy-and-paste between networks, while other applications – such as a single email inbox – are possible with each network rendering its separate parts together on the screen.

The CDDC project brought together DST’s world-class expertise in developing secure hardware and Data61’s secure operating system seL4 (pron. ‘ess-ee-el-four’). The mathematically proven operating system has been tested in the US military’s Little Bird helicopters, while the earlier OKL4 (oh-kay-el-four) is in use in billions of smart phones around the world.

Successfully tested on a number of operating environments, including Windows XP, 7, and 10, and Linux, the CDDC can be retrofitted to existing multi-desktop environments. The current device supports up to four networks, however its modular architecture means it can be scaled to support as many as required.

The CDDC has earned a click of approval from Australia’s Department of Defence.

During a five-month trial, the Defence Department’s security division granted the CDDC team controlled access to its protected and secret networks. Such was the department’s confidence in the technology that the Chief Technology Officer and the Chief of Joint Operations agreed to swap their KVM switches for CDDCs for the trial.

The technology has now been shared with defence scientists in the United States, the United Kingdom and Canada, each subjecting the ground-breaking system to a searching, high-level security assessment. The CDDC research has also been peer reviewed and published in Proceedings of the 32nd Annual Conference on Computer Security Applications.

Little wonder then that the innovative device swept the 2017 Australian Information Industry Association’s iAwards, which recognise new Australian technology with domestic and global potential. CDDC took out first place in two categories – Research and Development Project of the Year, and Infrastructure and Platforms Innovation of the Year. The national accolades came after it won the same categories at the South Australian State iAwards, and also collected the South Australian Public Sector and Government Markets iAward.

Defence researcher, Mark Beaumont, he believes, the CDDC’s unique technology demonstrates the potential for fundamental change in the way real-world systems are built and engineered.

And, while it may have been conceived in the military space, the CDDC’s creators are confident it will have broad applications across government and commerce, critical infrastructure, and sectors such as banking and health. In fact, any network where sensitive data needs to be securely managed, viewed, accessed, or transferred.

The system is being evaluated for possible use in a number of Defence projects, including a fleet modernisation program planned by the Royal Australian Navy.

Plans are also in train to commercialise the CDDC technology here and abroad through Australia’s Defence Innovation Hub.

[Music plays and fades]

Alison Caldwell: It will be fascinating to see how this innovative Australian-bred computer technology streamlines operations within our Defence community – and in the world beyond.

Keep up-to-date with other amazing developments in Australian defence science by following us @DefenceScience on Twitter, or download the DST App from Google Play or the App Store.

The Defence Science and Technology podcast is a production of the Defence Science and Technology Group, part of Australia’s Department of Defence.

That’s all for now. See you next time.

ENDS