Cross-Domain Solutions (CDS): A Comprehensive Survey

Vignesh Sundaravarathan; Husain Alqalaf; Asif Siddiqui; Kiju Kim; Sanghee Lee; Martin Reisslein; Akhilesh S. Thyagaturu; Nick Ross; Jason Howard; Sanjaya Tayal

doi:10.1109/ACCESS.2024.3483659

IEEE Access (Jan 2024)

Cross-Domain Solutions (CDS): A Comprehensive Survey

Vignesh Sundaravarathan,
Husain Alqalaf,
Asif Siddiqui,
Kiju Kim,
Sanghee Lee,
Martin Reisslein,
Akhilesh S. Thyagaturu,
Nick Ross,
Jason Howard,
Sanjaya Tayal

Affiliations

Vignesh Sundaravarathan: ORCiD; School of Electrical, Computer and Energy Engineering, Arizona State University, Tempe, AZ, USA
Husain Alqalaf: ORCiD; School of Electrical, Computer and Energy Engineering, Arizona State University, Tempe, AZ, USA
Asif Siddiqui: ORCiD; College of Computer and Information Sciences, Prince Sultan University, Riyadh, Saudi Arabia
Kiju Kim: School of Electrical, Computer and Energy Engineering, Arizona State University, Tempe, AZ, USA
Sanghee Lee: ORCiD; Hyundai Transys, Mesa, AZ, USA
Martin Reisslein: ORCiD; School of Electrical, Computer and Energy Engineering, Arizona State University, Tempe, AZ, USA
Akhilesh S. Thyagaturu: ORCiD; Network and Edge Group, Intel Corporation, Chandler, AZ, USA
Nick Ross: ORCiD; Network and Edge Group, Intel Corporation, Chandler, AZ, USA
Jason Howard: ORCiD; Extreme Scale Computing Group, Intel Corporation, Hillsboro, OR, USA
Sanjaya Tayal: Extreme Scale Computing Group, Intel Corporation, Hillsboro, OR, USA

DOI: https://doi.org/10.1109/ACCESS.2024.3483659
Journal volume & issue: Vol. 12
pp. 163551 – 163620

Abstract

Read online

A domain is commonly defined as a set of system resources, e.g., computers, to which certain users have prescribed access rights as governed by some security policies. The access (viewing) and transfer of data between distinct domains facilitates a wide range of information technology applications. A Cross-Domain Solution (CDS) can provide the security mechanisms that are required to properly restrict the access and exchange of sensitive information between different domains. This article provides a comprehensive up-to-date survey of CDS. This survey is organized according to a CDS taxonomy with access, transfer, and Multi-Level Security (MLS) as the main CDS categories. An access solution helps a client to view the data present in a server (which is in a different domain, other than the client’s domain); thus an access solution effectively provides isolation between domains by allowing data access (without data transfer capabilities) between these domains. A transfer solution secures the transfer of data between domains to avoid leaks of data to unauthorized entities. Thereby, a transfer solution effectively connects domains in either a unidirectional or bidirectional manner. An MLS solution handles data with multiple levels of security (sensitivity of the data), such as top-secret, secret, or unclassified data. Aside from the fundamental conceptual approaches from the existing CDS research, this survey gives a comprehensive overview of the existing commercial CDS products. We identify the limitations of the existing CDS concepts and products and outline directions for future research and development to address these limitations and advance the overall CDS research area.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords