SBIR-STTR Award

SPYRUS Approvable for Classified Secure Operational Environment for Use with COTS Mobile Devices
Award last edited on: 12/20/2013

Sponsored Program
SBIR
Awarding Agency
DOD : AF
Total Award Amount
$144,990
Award Phase
1
Solicitation Topic Code
AF131-033
Principal Investigator
Reid Carlisle

Company Information

SPYRUS Inc

1860 Hartog Drive
San Jose, CA 95131
   (408) 392-9131
   info@spyrus.com
   www.spyrus.com
Location: Multiple
Congr. District: 17
County: Santa Clara

Phase I

Contract Number: ----------
Start Date: ----    Completed: ----
Phase I year
2013
Phase I Amount
$144,990
The SPYRUS Secure Operational Environment (SOE) will contain the entire operating environment for the desired COTS portable mobile device, whether it be an Android-based smartphone or a Windows-based tablet computer. The SOE is one element in a proposed family of devices incorporating features from the SPYRUS Secure Pocket Drive, the Hydra PC Personal Encryption Device approved for classified, and the Rosetta SPYCOS secure token family. Initial SOE form factor will be a removable microSD device that will contain a hardware security processing subsystem, a secure operating system such as NSA's SE Android, SE Linux, or Citrix XenClient XT, and an external form factor that will mimic standard modules for storage, communication, and other enhancements. SOE will be designed, based on SPYRUS experience with the NSA's Commercial Solution for Classified (CSfC) center, to be approvable for SECRET, and potentially TOP SECRET depending on the Operational Security Doctrine. The SPYRUS Secure Operating Environment will give the DoD/IC user the flexibility of COTS mobile devices and their unobtrusive nature combined with security. The Phase I end goal will be to provide a proof-of-concept design and prototype demonstrating the feasibility of the concept and to verify the Technology Readiness Level (TRL).

Benefit:
Over the past decade, news reports have been filled with details of sensitive and even classified information falling into the wrong hands. In many if not all cases, the cause of the data loss was the use of unprotected personal mobile devices; portable storage devices, including laptops and USB memory devices; and other media, including CDs and DVDs. As indicated earlier, the growth of capabilities in personal mobile devices makes them prime candidates for theft and compromise. Implementing data security using the SPYRUS comprehensive schema for a Secure Operating Environment will mitigate most if not all of these threats, particularly in the following areas:

Confidentiality: Knowledge of data must be restricted to those authorized to receive it, for the duration of the useful information life of the data. In the case of some personal information, the information life may be the life of the individual, or as much as 100 years. This level of protection demands the strongest algorithms and key strengths available.

Integrity: The content of the data cannot be modified without detection, either accidentally or deliberately. In most cases, the provable origin or provenance of the data is as important as the content. Again, in the case of personal information, including medical records and individual social entitlements, the integrity of the information must be guaranteed for the life of the individual. Very strong hash functions and digital signatures are required to protect data for this length of time.

Availability: The data must be available whenever it is needed, regardless of the passage of time or various forms of failure or attack mechanisms, including the complete failure or destruction of the media containing the data or the obsolescence of the playback media or hardware. Both data backup and data archiving must be supported.

Phase II

Contract Number: ----------
Start Date: ----    Completed: ----
Phase II year
----
Phase II Amount
----