Cross Domain Hybrid
Application Framework
Secure by Design: A reusable pattern for seamless interoperability & Cross domain collaboration
The problem
The UK Government collects extensive data from citizens and through its Task Force Data Collection at the OFFICIAL level.
In certain instances, this aggregated data needs to be preserved within higher security or trust boundaries. If such data were to fall into malicious hands, it could pose a risk of reputation damage or significant national security risk. When consolidated, this data can offer invaluable insights to adversarial state entities, necessitating that the aggregated data be housed within SECRET/High Trust domains.
The CDHA Framework offers a solution that not only secures data at the OFFICIAL level but also facilitates controlled transactions, allowing portions of a record to be safely shared within the OFFICIAL domain.
What is the CDHA Framework?
Secure by Design: A reusable pattern for seamless interoperability & Cross domain collaboration
​
The challenges and risks associated with data aggregation are not exclusive to the UK HMG but also extend to our collaboration within the Five Eyes (FVEY) intelligence alliance.
​
Acknowledging this significant challenge and its associated risks, Acubed.IT has collaborated with the NCSC for more than three years. Together, we have developed a framework, established a design pattern, and crafted a product that empowers HMG to create applications spanning multiple security and trust boundaries, all while adhering to the 'Secure by Design' principles.
With CDHA, applications can achieve an optimal balance: superior usability and performance at the OFFICIAL level, while ensuring data storage at the SECRET/Higher Trust tier. CDHA represents a ground-breaking technology that could redefine the way the UK government conceptualises and develops secure applications in the coming years. The potential of CDHA to revolutionise governmental operations is immense.
​
CDHA revolutionises data security by seamlessly bridging trust boundaries. With robust encryption and secure data transfer, CDHA empowers organisations to confidently manage and process sensitive data across diverse security classifications.
Using the CDHA Framework to Modernise Government Security
The implementation of Zero Trust architecture has introduced a paradigm shift to government’s approach to network security. In contrast to the perimeter-centric threat model, zero trust architecture focus on the inherent qualities of the data.
As government modernises its approach to security, the Cross Domain Hybrid Application Framework provides an opportunity for a further step change. The CDHA framework is a new application design framework, which employs secure design methods to enable an application to communicate across security boundaries.
With ‘Secure by Design’ being the focus of the framework, we have produced a truly remarkable tool for enabling systems to talk to each other in a secure and safe manner.
​
The CDHA framework enables applications within a Low Trust setting to gather data from users. By encrypting this data with a user-specific key, only the original creator can access the data even in a Low Trust domain. This design ensures the data remains secure, preventing it from becoming a vulnerability or an attractive target for malicious actions.
CDHA Benefits
Unique Cross Domain Cryptographic Key Management
Our solution is unique and has no direct competitiors.
Secure Data Transfer
Secure movement of data between High and Low trust environments.
Data Storage at Secret
Aggregated data stored in a secure domain.
Seamless User Key Management
Our solution enables a seamless experience of key management for end users.
Minimising Dependency on Secret EUD
Significantly reduces the need for Tier 2 End User Devices and Infrastructure.
Next Generation Cross-Domain Solution
CDHA protects against the highest threats, protecting the UK's most sensitive systems.
When do you use the CDHA Framework?
Users enter information into a form within the OFFICIAL or Low Trust domains, and the data is securely transferred to the High Trust area, leaving little to no trace behind.
If your application portal operates on a Low Trust domain and gathers data at the OFFICIAL level, that data must remain encrypted and protected at all times.
If your Low Trust application portal collects information at the OFFICIAL level and a segment of this data requires processing on a more secure network, then it's imperative to have the right protocols.
While data may reside in the higher security tier, specific portions of records or data should be securely made available to the OFFICIAL level to enhance application accessibility.
Why Trust acubed.it?
Proven track record of providing innovative, tailored cybersecurity solutions.
​
Prioritising the UK's evolving cybersecurity needs with advanced technology.
Expertise in cross-domain and cloud solutions.