Cross-domain use case: Drone observation
If data in a network should not fall into the wrong hands, connections with other networks must be sufficiently secured, certainly if the data in question is classified. A Cross-domain interface can prevent sensitive data from being accessed by unauthorized persons.
The use case described below shows how a satellite connection between a military drone and a command center can be secured using a Cross-domain interface. More Cross-domain use cases
The situation: A military drone observes an enemy location
A military drone observes an enemy location. The images of the drone are transmitted by satellite to a command center on the ground. The are then analyzed in the command center. The tactical analyses are stored on the command center’s network; these analyses are a state secret (Stg. GEHEIM classification) and must never fall into unauthorized hands.
The risk: Unauthorized access to the command center
The drone streams the video images it takes of the enemy location to the command center across a satellite connection. This connection is bi-directional and has a high bandwidth. Cyber attackers could gain control over the drone or use the connection to gain access to the command center. If that happens, classified information could be stolen.
The solution: Cross-domain interface with data diode
A PrimeDiode 3010 is installed in the command center. This data diode blocks transmission of data out of the command center by satellite connection, while continuing to permit reception of video data from the drone.
A PrimeProxy 19” is implemented either side of the PrimeDiode 3010. Both servers are equipped with PrimeDocks software that enables reception of the video stream.
All physical equipment (3U rack space in total) is inside the command center.
