MLS Clouds
I now bring the ‘Cloud’ blog series to an end by discussing MLS clouds and how BlueSpace fits into the cloud topic. If you’ve missed the last two...
Trusted Service Bus
An administratively controlled message bus for MLS applications
The BlueSpace Trusted Service Bus is an administratively controlled message bus designed for orchestrating application interfaces and services that run at multiple security levels at the same time.
As opposed to moving large amounts of content between security levels, like a conventional guard, the Trusted Service Bus is designed for short application messages, leaving content to reside at the appropriate security level. Combined with the Client Framework, the BlueSpace MLS middleware solution facilitates the rapid development and deployment of MLS ‘mashups’ that minimize the size of the Trusted Computing Base (TCB) to facilitate more efficient accreditation.
Defense and intelligence organizations are migrating silo based architectures to connected SOA fabrics using web services and unified data layers. These fabrics are often required to cross boundaries between organizations, nations and security levels to achieve a single view of the data. And this is not just a system challenge at the infrastructure level – end user interfaces that span multiple security levels and networks can provide transformational capabilities to intelligence analysts and warfighters.
BlueSpace has developed its MLS middleware solution to help address these challenges. The BlueSpace Trusted Service Bus is an administratively controlled message bus that facilitates application messaging between different networks and security labels. These messages are typically short, human readable and carry little or no end user generated content.
The Trusted Service Bus can be paired with the BlueSpace Client Framework to allow rapid development and deployment of MLS end user ‘mashup’ applications, including federated search, blogs, wikis, IM and C2 systems. These two products are leveraged by BlueSpace’s MLS applications – Unity, Discover and GeoSpace.
The Trusted Service Bus is deployed on an Application Appliance (specific to a given user application) along with separate instances of the Mashup Server and the Application Server specific to that application. The Application Appliance must connect to each network that the MLS system is spanning. For each user, separate instances of BlueSpace Connect (part of the Client Framework) communicate with the Application Appliance at each security level, and the Trusted Service Bus provides the means to route the messages between domains.
