The Cross Domain Desktop Compositor: Using hardware-based video compositing for a multi-level secure user interface
Authors
Defence Science & Technology Groupp
University of Melbourne
Abstract
We have developed the Cross Domain Desktop Compositor, a hardware-based multi-level secure user interface, suitable for deployment in high-assurance environments.
Through composition of digital display data from multiple physically-isolated single-level secure domains, and judicious switching of keyboard and mouse input, we provide an integrated multi-domain desktop solution. The system developed enforces a strict information flow policy and requires no trusted software. To fulfil high-assurance requirements and achieve a low cost of accreditation, the architecture favours simplicity, using mainly commercial-off-the-shelf components complemented by small trustworthy hardware elements.
The resulting user interface is intuitive and responsive and we show how it can be further leveraged to create integrated multi-level applications and support managed information flows for secure cross domain solutions.
This is a new approach to the construction of multi-level secure user interfaces and multi-level applications which min- imises the required trusted computing base, whilst maintaining much of the desired functionality.
BibTeX Entry
@inproceedings{Beaumont_MM_16,
author = {Mark Beaumont and Jim McCarthy and Toby Murray},
booktitle = {Annual Computer Security Applications Conference (ACSAC)},
doi = {10.1145/2991079.2991087},
isbn = {978-1-4503-4771-6/16/12},
month = dec,
numpages = {13},
paperurl = {https://trustworthy.systems/publications/papers/Beaumont_MM_16.pdf},
title = {The {Cross Domain Desktop Compositor}: Using hardware-based video compositing for a multi-level
secure user interface},
year = {2016}
}
Full text
BibTeX