Controlled interface

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 69.183.183.30 (talk) at 19:14, 5 August 2008 (added definition of controlled interface from CNSSI publication 4009, and provided example of simple controlled interface). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A controlled interface is a multilevel security system used to transfer low-classification data between security domains. The data to be transferred may theoretically move in either direction; the purpose of the controlled interface is to ensure that the data meets the criteria for transfer. This normally means that the data is of the lower classification. One example is the High Assurance Guard.

The Committee on National Security Systems (CNSS) publishes the National Information Assurance (IA) Glossary, also known as CNSS Instruction No. 4009. In this glossary, a Controlled Interface is defined as follows: "Mechanism that facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system)".

While some controlled interfaces are very complicated, others are very simple. A simple example of a controlled interface is a one-way data transfer system that moves data from a low security network to a high security network while assuring that high security data can never escape. One-way controlled interfaces are also called data diodes.
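
The following sketch is an added example, not part of the original article or of any CNSS publication. It models only the label check a controlled interface performs between two domains, with an optional one-way (data diode) mode; the level names, their ordering, and the class and method names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed ordering of classification levels (illustrative, not from the article).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass
class ControlledInterface:
    """Hypothetical guard between a low and a high security domain."""
    low_domain: str          # level of the low-side network
    high_domain: str         # level of the high-side network
    one_way: bool = False    # True models a data diode: low -> high only
    audit: list = field(default_factory=list)

    def __post_init__(self):
        if LEVELS[self.low_domain] >= LEVELS[self.high_domain]:
            raise ValueError("low_domain must be below high_domain")

    def adjudicate(self, label, src, dst):
        """Return True if data carrying `label` may move from src to dst."""
        decision, reason = self._decide(label, src, dst)
        # Every decision is recorded, including refusals.
        self.audit.append((label, src, dst, decision, reason))
        return decision

    def _decide(self, label, src, dst):
        sides = {self.low_domain, self.high_domain}
        if src not in sides or dst not in sides or src == dst:
            return False, "not a path across this interface"
        if label not in LEVELS:
            # Unlabelled or unrecognised data is never released.
            return False, "missing or unknown label (fail closed)"
        if LEVELS[label] > LEVELS[src]:
            # Data marked above its own network's level is an anomaly.
            return False, "label exceeds source domain level"
        if self.one_way and src == self.high_domain:
            return False, "diode: no high-to-low path"
        if LEVELS[label] > LEVELS[dst]:
            return False, "data is above destination level"
        return True, "label is at or below destination level"


if __name__ == "__main__":
    guard = ControlledInterface("UNCLASSIFIED", "SECRET")
    print(guard.adjudicate("SECRET", "SECRET", "UNCLASSIFIED"))
    print(guard.audit[-1])
```

A deployed guard also inspects content rather than trusting the label alone; this sketch covers only the transfer decision.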