MILS Web Services Gateway (MWSG)

Period of Performance: 06/22/2006 - 05/22/2007


Phase 1 SBIR

Recipient Firm

Trident Systems, Inc.
10201 Fairfax Boulevard Array
Fairfax, VA 22030
Principal Investigator


All existing web-based groupware tools lack any provision for multi-level security. Furthermore, the size and complexity of such software makes it extremely unlikely that any potential extensions to support multiple security levels could ever be certified or accredited across clearance levels. Trident Systems proposes to leverage the Multiple Independent Levels of Security (MILS) architecture and develop a MILS Web Service Gateway (MWSG) to mediate the communication between a user's workstation and Wiki engine across multi-level security domains. The MWSG will allow users to mark regions of Wiki documents with varying sensitivity level annotations based on the Intelligence Community Standard for Information Security Markings (IC ISM) standard. The MWSG will support a restricted form of Extensible Stylesheet Language Transformation (XSLT), for imposing clearance-level specific views upon documents. The MWSG will provide a secure execution environment and safe access to multi-level Wiki web pages, and will mediate between user workstations and the Wiki engine, ensuring that multiple users can collaborate safely and securely on documents with information annotated with multiple levels of security. The MWSG targets the Evaluation Assurance Level (EAL) 6. Since MWSG is small, tightly focused component based on the MILS architectural concept, the high-assurance evaluations is an achievable goal. BENEFITS: The MWSG will enable new flexibility in web-based groupware tools by developing the High Assurance system for secure web-collaboration. In so doing, the MWSG will significantly enhance the cross domain information sharing capability, shorten the intelligence production cycle, and enable military decision-makers to quickly respond to critical situations. The private sector has similar security concerns that are currently addressed via physical separation of networks and levels of information. A secure web-collaboration solution server would allow secure access from those isolated domains to general information. As the commercial sector uses similar active content tools, any active content solution that works in a government environment would be directly applicable.