TA84 Cross Domain, IdAM, Data Security
Cross Domain Unstructured Data Exchange (CDUX)
Cross Domain Unstructured Data Exchange (CDUX) describes a consistent and
complete process for securely sourcing, preparing, transmitting, receiving,
transferring, delivering, certifying, and distributing data files that cannot be inspected
or filtered through normal cross domain filtering practices. The goal of CDUX is to
effectively verify the integrity and assured delivery of executable or encoded
Information Technology (IT) products produced by trusted originators that are then
transferred and distributed on classified IT domains.
Package Manifest
CDUX utilizes the Intelligence Community – Trusted Data Format (IC-TDF) Trusted
Data Object (TDO) as flexible basis for encapsulating relevant metadata and digital
signatures. MITRE worked with the Common Metadata Standards Tiger Team
(CMSTT) and the Amazon Web Services (AWS) Diode Team, and multiple vendors to
develop a prototype that can be used as the reference architecture for greater
adoption.
Automation
CDUX is designed to be integrated into Continuous Integration
(CI)/Continuous Delivery (CD) pipelines for delivery of complied
software, binaries, container images, virtual machine images, or
other formats that are not easily inspected by Cross Domain
Solutions (CDS).
Goveranance
CDUX provides governance in the form of requirements and guidelines for the
government sponsors and product originators to utilize in developing solutions to meet
their mission needs.
FJ: CDS