Implementing Cross Domain Hybrid Application (CDHA) architecture in government data systems introduces a paradigm shift in security protocols. This blog examines the application of CDHA in the Client's Application Process, shedding light on its effectiveness in safeguarding sensitive information.
The Client’s application process serves as a critical checkpoint in granting access to government systems and services. Applicants must undergo thorough processing, with levels ranging from Levels 1 to 3, before accessing classified data. However, the accumulation of sensitive data at the OFFICIAL level poses security risks, necessitating its transfer to a higher security network. When data is collected on low trust domains, it is carefully cataloged, starting with relatively less sensitive information like names, phone numbers, and social media contacts, progressing to more sensitive details such as work histories, addresses, family histories, and financial details. The application system, housing highly sensitive data, remains a prime target for threat actors. To counter potential breaches, protective measures are employed to secure data at rest and in transit. Threat assessments consider both internal and external threat actors, with a focus on nation-state adversaries possessing advanced capabilities. Under the strict oversight of regulations such as the GDPR and the Data Protection Act, the government, as guardians of a vast repository of sensitive data, bears a significant responsibility to safeguard this information against a constant stream of cyber threats. Ensuring compliance and strong personal data protection highlights the paramount importance of protecting this data.
In this high-stakes digital landscape, arises a pressing need for a shift in strategy. The risks associated with storing aggregated data on low trust domains or at the OFFICIAL level cannot be overstated. The clear need arises for this valuable information to be stored in the high trust domain rather than the low trust domain.
CDHA offers a solution by enabling secure data transmission from the low to the high trust domain, enhancing interoperability between security layers.
Case Study: Let’s consider a case study of an applicant who needs to progress through three different levels of processing, from L1 to L3 application, utilising CDHA.
L1 Application (Basic) – The process for L1 application starts with the initial data collection through a web application on the low trust domain. In instances of L1 application, while the data can remain in the low trust domain during the application process, it is only after a final decision has been made that the data is moved to the high trust domain and combined with other application data. This approach might allow the application system to become operational, if the risk of L1 data in the low trust domain is acceptable. This transition of L1 data to the high trust domain is managed using a predefined mechanism designed to enhance data security as it moves between domains, thereby promoting interoperability.
L2 Application (Intermediate) – For L2 application, the process initiates on the low trust domain but is designed to not remain there long-term. When the application is completed on the low trust domain, the data is safeguarded using Public Key Cryptography (PKC) established directly within the applicant’s browser through a JavaScript Crypto Library. This cryptographic approach ensures that the private key, crucial for security, remains securely stored and is not exposed externally. Consequently, throughout the process of completing this application, the data remains confidential, accessible only to the applicant. Upon completion of the form, the data is securely transferred to the high trust domain. This movement demonstrates effective data protection at the low trust domain and minimal interaction with the High Assurance Gateway, as the data only passes through the gateway once the application is submitted.
L3 Application (Advanced) - L3 applications are distinguished by their brief interaction with the low trust domain, where they are not stored at all. Data for L3 applications is immediately transferred through the High assurance Gateway and securely stored on the high trust domain from the outset. During its lifecycle, the application data is secured with two sets of key pairs: one specific to the applicant and another for the HITMAN gateway.
Access by Low Trust Domain Case Worker to Data in the High Trust Domain: In certain scenarios, a low trust domain case worker may need to access specific information related to a case they are handling from the high trust domain. In such cases, requests for data transfer from the high to the low trust domain are safeguarded using a key pair that belongs to the case worker, ensuring that sensitive information remains protected even when crossing from a higher to a lower security domain. This mechanism underscores the sophisticated security measures in place to maintain the integrity and confidentiality of sensitive data irrespective of its domain location.
At each stage of the application process, stringent security measures are in place to mitigate risks. To learn more about these protocols and how they secure sensitive data, please refer the detailed overview https://www.acubed.it/post/unveiling-the-security-features-of-cdha
The proposed integration of CDHA in the client’s application process aims to revolutionise data security within government systems. By leveraging advanced encryption techniques and secure data transmission protocols, CDHA seeks to ensure the confidentiality, integrity, and availability of sensitive information. As governments continue to confront evolving cybersecurity threats, CDHA represents a robust solution designed to safeguard national security interests.
Please watch our Senior Associate, Stephen Thomas, discussing this topic in this insightful video: https://www.youtube.com/watch?v=SXf7xoL9p9E&t=7s
Comments