A group of technology vendors at last week’s GEOINT 2015 conference demonstrated a data infrastructure they claim could stop hackers in their tracks.
The Multilevel Secure System (MLS) combines technology and services from Lockheed Martin, Seagate, Red Hat, SGI, Cray, Bay Microsystems, Mellanox, Vion, Altair, Crunchy and Splunk.
The ecosystem is based on Security-Enhanced Linux (SELinux), but it adds role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. All access is logged, so any attempts to penetrate the system can be traced. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.
At the heart of the system lies a Seagate ClusterStor, which can scale to 100 PB and stores data and metadata separately for added speed and security.
Lockheed Martin is the system integrator for the ecosystem. Red Hat is providing its Enterprise Linux, along with Docker and cluster management and orchestration, while SGI and Cray bring high-performance computing capabilities. Bay and Mellanox are moving all that data with InfiniBand with RDMA.
Vion’s technology offers data access and fusion based on user role, while Altair’s PBS provides job scheduling, Crunchy is chipping in its Enterprise PostgreSQL database and Splunk is auditing it all.
At the Geospatial Intelligence conference in Washington, D.C., each vendor set up their own demonstration of how the system could work for users. Seagate showed two computer screens, one with access to more sensitive video of military operations than the other screen. Lockheed demonstrated the Data Fusion technology, with the ability to limit, merge or view data sets depending on role. One user might only have access to a lower level of data, while another could see that data with another level layered on top of it.
The vendors say the ecosystem could prevent breaches like the massive U.S. Office of Personnel Management data theft that was disclosed earlier this month.
For now the ecosystem is a rip-and-replace project, but the vendors are developing migration tools and methods so that its benefits could extend to existing infrastructure.