 |
This article is an orphan, as few or no other articles link to it. Please introduce links to this page from other articles related to it. (October 2006) |
A High Assurance Guard (HAG) is a Multilevel security computer device which is used to communicate between different Security Domains, such as NIPRNet to SIPRNet. A HAG is one example of a Controlled Interface between security levels. HAGs are approved through the Common Criteria process.
Operation
A HAG runs multiple virtual machines - one subsystem for the lower classification, one subsystem for the higher classification. The hardware runs a type of Knowledge Management software that examines data coming out of the higher classification subsystem and rejects any data that is classified higher than the lower classification. In general, a HAG allows lower classified data that resides on a higher classified system to be moved to another lower classified system. For example, in the US, it would allow unclassified information residing on a classified secret system to be moved to another unclassified system. Through various rules and filters, the HAG ensures that data is of the lower classification and then allows the transfer.
Importance, risks
The HAG is mostly used in email and DMS environments as certain organizations may only have unclassified network access, and they need to send a message to an organization that has only secret network access. The HAG provides them this ability.
 |
This computer-related article is a stub. You can help Wikipedia by expanding it. |
This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)
