Header Image

XML-Aware Cross-Domain Solutions

Integrate a cross-domain solution with an XML firewall for SOA security in government

Integrate a cross-domain solution with an XML firewall for SOA security in government

 

Governmental organizations have traditionally employed certified cross-domain solutions to enforce security policies for sharing information between disparate systems residing at different classification levels.

With XML becoming the de facto language of information exchange, governments have begun adopting XML-enabled technologies like Service-Oriented Architecture (SOA), Web services and enterprise service buses (ESBs).

Most XML-based cross-domain solutions provide only very basic, limited data validation and sanitization capabilities. Additionally, most fail to address the problem of coordinating security and integration policies between interacting classification domains.

For governmental organizations to enable secure Service-Oriented business processes that span security domains and organizational boundaries, they need to adopt technologies that will protect, connect and validate transactions across these boundaries.

This white paper focuses on how XML firewalls can be used to augment existing, certified cross-domain solutions and how – in an instance where there is no requirement for a certified system – an XML firewall may be used directly to enforce cross-domain security policy.