48 CYBER SECURITY
FEBRUARY 2022 | WWW.AUSTRALIANDEFENCE.COM.AU
 SAFEGUARDING DEFENCE DATA
In high-threat environments such as Defence, computing systems must be robust and secure to safeguard sensitive data against attackers, without compromising usability and productivity.
ROYA GHODSI | SYDNEY
   THE WINNER of the 2021 Defence Science and Technol- ogy Eureka Prize for Outstanding Science in Safeguard- ing Australia, the Cross Domain Desktop Compositor, is a hardware-based multi-level secure user interface which offers a new solution to this challenge.
In a computing environment, users deal with information spanning multiple security domains or different levels of safe- ty criticality that must remain strictly isolated to prevent data leakage. This is especially important in sectors such as gov- ernment, national security and critical infrastructure, where the consequences of data loss or compromise can be grave.
A common solution is to use multiple computers, one for each domain or criticality. Defence and other high-risk en- vironments traditionally use KVM (Keyboard, Video and Mouse) switches, which allow the user to control multiple computers via a single keyboard, monitor and mouse. While this use of multiple single-level secure systems ensures net- works remain isolated, it doesn’t allow for concurrent or si- multaneous access between networks, thereby abandoning usability for the sake of security. Existing solutions which do provide that single unified interface on the other hand, rely on large amounts of untrustworthy software.
CDDC DESCRIBED
The Cross Domain Desktop Compositor (CDDC) is de- signed to be a drop-in replacement for the secure KVM switches currently being used by Defence, maximising both usability and security for end-users. The computing de- vice, developed by Defence scientists in collaboration with CSIRO’s Data61 digital research network and partners in academia, allows for the physical separation of sensitive data and systems from less trustworthy networks such as public internet, while still enabling seamless, simultaneous access to both types of networks.
“The CDDC is very simple,” Mark Beaumont of Depart- ment of Defence told ADM. “It takes graphical elements from each of the isolated computer networks’ desktop in- terfaces and visually composites them together into a single user interface, and it does this at a hardware level that is more trustworthy than existing solutions.
“The CDDC enables an immediacy of information from all the networks the user operates on, while keeping that information secure. It also helps the user process that in- formation, because there’s less cognitive load when context switching between operating on different networks, result-
  DEFENCE