The Role of Virtualisation in Cross-Domain Solutions

Virtualisation is an increasing trend in IT, enabling major reductions in the cost of computing. However, the adoption of virtualisation in specialist environments requires careful consideration. Cross-Domain Solutions (CDS), in which systems are deployed to enable secure and reliable transfer of information between classified domains, require a high degree of assurance that the data will not be compromised. The security of these systems is therefore paramount and the use of virtualisation must be assessed carefully.

To understand the level of assurance required in a CDS it is necessary to analyse both the impact level and the threat scenarios. There will typically be guidance available to the appropriate impact level associated with various types of incident, including a data compromise. Combined with a view of the type and likelihood of a potential attack, it is possible to assess the risk and, therefore, determine whether you can trust a solution to provide an appropriate level of protection. Trust is typically measured by the level of assurance afforded by virtue of an industry standard or national scheme. In relation to CDS, network separation and policy enforcement are the two primary perspectives to check for assurance and these must be considered in any assessment of virtualisation in a CDS context.