Annual Computer Security Applications Conference (ACSAC) 2016

Full Program »

The Cross Domain Desktop Compositor: Using hardware-based video compositing for a multi-level secure user interface

We have developed the Cross Domain Desktop Compositor, a hardware-based multi-level secure user interface, suitable for deployment in high-assurance environments.
Through composition of digital display data from multiple physically-isolated single-level secure domains, and judicious switching of keyboard and mouse input, we provide an integrated multi-domain desktop solution. The system developed enforces a strict information flow policy and requires no trusted software. To fulfil high-assurance requirements and achieve a low cost of accreditation, the architecture favours simplicity, using mainly commercial-off-the-shelf components complemented by small trustworthy hardware elements.
The resulting user interface is intuitive and responsive and we show how it can be further leveraged to create integrated multi-level applications and support managed information flows for secure cross domain solutions.
This is a new approach to the construction of multi-level secure user interfaces and multi-level applications which minimises the required trusted computing base, whilst maintaining much of the desired functionality.


Mark Beaumont    
DST Group, Department of Defence

Jim McCarthy    
DST Group, Department of Defence

Toby Murray    
University of Melbourne / Data61 CSIRO


Powered by OpenConf®
Copyright©2002-2016 Zakon Group LLC