SecureView provides accredited cross-domain security on a single system, delivering improved performance for mission-critical applications through hardware-assisted virtualization. It was developed through collaboration between the US Air Force Research Laboratory, Intel, and Citrix. Analysis estimates SecureView reduces total cost of ownership by up to 67% compared to traditional single-domain architectures and 45% over alternative multi-domain thin-client solutions.
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
The Certificate of Cloud Security Knowledge (CCSK) has become an important certification and provides a new area of opportunity for training and consulting companies. As cloud computing is being adopted globally, one of the needs is proper implementation of cloud computing with the appropriate security controls.
Vortex II -- The Industrial IoT Connectivity StandardAngelo Corsaro
The large majority of commercial IoT platforms target consumer applications and fall short in addressing the requirements characteristic of Industrial IoT. Vortex has always focused on addressing the challenges characteristic of Industrial IoT systems and with 2.4 release sets a the a new standard!
This presentation will (1) introduce the new features introduced in with Vortex 2.4, (2) explain how Vortex 2.4 addresses the requirements of Industrial Internet of Things application better than any other existing platform, and (3)showcase how innovative companies are using Vortex for building leading edge Industrial Internet of Things applications.
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
The Certificate of Cloud Security Knowledge (CCSK) has become an important certification and provides a new area of opportunity for training and consulting companies. As cloud computing is being adopted globally, one of the needs is proper implementation of cloud computing with the appropriate security controls.
Vortex II -- The Industrial IoT Connectivity StandardAngelo Corsaro
The large majority of commercial IoT platforms target consumer applications and fall short in addressing the requirements characteristic of Industrial IoT. Vortex has always focused on addressing the challenges characteristic of Industrial IoT systems and with 2.4 release sets a the a new standard!
This presentation will (1) introduce the new features introduced in with Vortex 2.4, (2) explain how Vortex 2.4 addresses the requirements of Industrial Internet of Things application better than any other existing platform, and (3)showcase how innovative companies are using Vortex for building leading edge Industrial Internet of Things applications.
Esg solution showcase considerations for protecting converged systems and ...Fernando Alves
Jason Buffington, Sr. Analyst Enterprise Strategy Group, examines the considerations for protecting converged/hyperconverged infrastructures and shares what Veritas is doing about it.
Key Security Insights: Examining 2014 to predict emerging threats Dell World
Cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks. In this session, we’ll present the most common attacks Dell SonicWALL observed since 2014 and the ways we expect emergent threats to affect small and medium businesses, as well as large enterprises moving forward. This session is perfect for anybody who is interested in learning more about the state of the union in security.
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Troy Marshall
CyCon 3.0 presentation- February 15, 2020
Successful digital transformations don’t begin with technology, they begin with people. As organizations adopt DevOps and cloud and realize the increased release velocity, ensuring the security of software and systems at the same velocity is a necessity but doing so isn’t easy. In this talk you will learn about common security challenges in DevOps and cloud and the skills cybersecurity professionals need to solve these challenges.
This presentation goes through a higher level overview of understanding cyber resilience, important concepts, the difference between cybersecurity and cyber resilience, and frameworks aimed at achieving or assessing an organizations cyber resilience.
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Unisys Corporation
The Unisys Stealth suite of solutions uses identification, authentication, and encryption to provide security for endpoints, remote users, data centers, and data. The unique design of the solution enables Unisys to create undetectable authenticated user groups that appear invisible to the normal network, allowing critical information to be delivered in a secure network and enabling Unisys to effectively isolate, encrypt, and cloak networks. With its strong overall performance and demonstration of helping clients reduce risk, while also reducing complexity and cost, Unisys has earned Frost & Sullivan’s 2015 New Product Innovation Award.
Top Cited Papers - International Journal of Network Security & Its Applicatio...IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
The Top 20 Cyberattacks on Industrial Control SystemsMuhammad FAHAD
Executive Summary
No industrial operation is free of risk, and different industrial enterprises may legitimately have different “appetites” for certain types of risks. Evaluating cyber risk in industrial control system (ICS) networks is difficult, considering their complex nature. For example, an evaluation can consider (explicitly or implicitly) up to hundreds of millions of branches of a complex attack tree modelling of cyberattacks interaction with cyber, physical, safety and protection equipment and processes. This paper was written to assist cyber professionals to understand and communicate the results of such risk assessments to non-technical business decision-makers.
This paper proposes that cyber risk be communicated as a Design Basis Threat (DBT) line drawn through a representative “Top 20” set of cyberattacks spread across a spectrum of attack sophistication. These Top 20 attacks have been selected to represent cyber threats to industrial sites across a wide range of circumstances, consequences and sophistication. Many industrial cyber risk practitioners will find the list useful as-is, while expert practitioners may choose to adapt the list to their more detailed understanding of their own sites’ circumstances.
MT81 Keys to Successful Enterprise IoT InitiativesDell EMC World
Success with enterprise Internet of Things (IoT) initiatives begins with strong partnerships between IT and operations technology (OT) organizations and identifying relevant use cases with measurable ROI. Next, choosing the right IoT architecture and technology requires determining the capabilities are needed at the edge and what are needed in the cloud and datacenter to minimize cost and enable analytics-driven action. This session will discusses the challenges involved with introducing sensors and smart devices into your network, including building infrastructure and analytics capabilities , and securing data and applications. Learn how Dell'S IoT-specific gateways, edge analytics software and infrastructure solutions provide flexible architecture options for multiple IoT use cases.
I want to thank everyone who attended this presentation at AFCOM Data Center World Fall 2011 in Orlando, FL.
Studies show the number of data centers deploying virtual cloud computing will rapidly increase in the next five years. Other studies show that the number of Internet attacks and their level of sophistication will also grow significantly. This session identifies approaches to reduce the risk of business disruptions resulting from inadequate virtual security controls in a data center. It will cover utilizing best practices for security configurations, measuring information security status, and making rational decisions about security investments.
Connect with me if you have any questions or need additional information.
Please favorite this if you like it. I look forward to seeing you again soon.
Regards,
Hector Del Castillo
http://linkd.in/hdelcastillo
Architecture centric support for security orchestration and automationChadni Islam
The presentation was prepared for the University of Adelaide School of Computer Science Research Seminar Series. See the slides to know
- what is security orchestration?
- what are the key challenges in this domain?
- how software architecture can play a role in improving the design decision of security orchestration and automation platform?
Review on Security Aspects for Cloud Architecture IJECEIAES
Cloud computing is one of the fastest growing and popular technology in the field of computing. As the concept of cloud computing was introduced in 2006. Since then large number of IT industries join the queue to develop many cloud services and put sensitive information over cloud. In fact cloud computing is no doubt the great innovation in the field of computing but at the same time also poses many challenges. Since a large number of organizations migrate their business to cloud and hence it appears as an attractive target for the malicious attack. The purpose of the paper is to review the available literature for security concerns and highlight a relationship between vulnerabilities, attacks and threats in SaaS model. A mapping is being presented to highlight the impact of vulnerabilities and attacks.
Automated Interpretation and Integration of Security Tools Using Semantic Kno...Chadni Islam
Conference Presentation - CAiSE 2019
A security orchestration platform aims at integrating the activities performed by multi-vendor security tools to streamline the required incident response process. To make such a platform useful in practice in a Security Operation Center (SOC), we need to address three key challenges: interpretability, interoperability, and automation. In this paper, we proposed a novel semantic integration approach to automatically select and integrate security tools with essential capability for auto-execution of an incident response process in a security orchestration platform. The capability of security tools and the activities of the incident response process are formalized using ontologies, which have been used for NLP based approach to classify the activities for the emerging incident response processes. The developed ontologies and NLP approaches have been used for an interoperability model for selection and integration of security tools at runtime for the successful execution of an incident response process. Experimental results demonstrate the feasibility of the classifier and interoperability model for achieving interpretability, interoperability, and automation of security tools integrated into a security orchestration platform.
Esg solution showcase considerations for protecting converged systems and ...Fernando Alves
Jason Buffington, Sr. Analyst Enterprise Strategy Group, examines the considerations for protecting converged/hyperconverged infrastructures and shares what Veritas is doing about it.
Key Security Insights: Examining 2014 to predict emerging threats Dell World
Cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks. In this session, we’ll present the most common attacks Dell SonicWALL observed since 2014 and the ways we expect emergent threats to affect small and medium businesses, as well as large enterprises moving forward. This session is perfect for anybody who is interested in learning more about the state of the union in security.
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Troy Marshall
CyCon 3.0 presentation- February 15, 2020
Successful digital transformations don’t begin with technology, they begin with people. As organizations adopt DevOps and cloud and realize the increased release velocity, ensuring the security of software and systems at the same velocity is a necessity but doing so isn’t easy. In this talk you will learn about common security challenges in DevOps and cloud and the skills cybersecurity professionals need to solve these challenges.
This presentation goes through a higher level overview of understanding cyber resilience, important concepts, the difference between cybersecurity and cyber resilience, and frameworks aimed at achieving or assessing an organizations cyber resilience.
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Unisys Corporation
The Unisys Stealth suite of solutions uses identification, authentication, and encryption to provide security for endpoints, remote users, data centers, and data. The unique design of the solution enables Unisys to create undetectable authenticated user groups that appear invisible to the normal network, allowing critical information to be delivered in a secure network and enabling Unisys to effectively isolate, encrypt, and cloak networks. With its strong overall performance and demonstration of helping clients reduce risk, while also reducing complexity and cost, Unisys has earned Frost & Sullivan’s 2015 New Product Innovation Award.
Top Cited Papers - International Journal of Network Security & Its Applicatio...IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
The Top 20 Cyberattacks on Industrial Control SystemsMuhammad FAHAD
Executive Summary
No industrial operation is free of risk, and different industrial enterprises may legitimately have different “appetites” for certain types of risks. Evaluating cyber risk in industrial control system (ICS) networks is difficult, considering their complex nature. For example, an evaluation can consider (explicitly or implicitly) up to hundreds of millions of branches of a complex attack tree modelling of cyberattacks interaction with cyber, physical, safety and protection equipment and processes. This paper was written to assist cyber professionals to understand and communicate the results of such risk assessments to non-technical business decision-makers.
This paper proposes that cyber risk be communicated as a Design Basis Threat (DBT) line drawn through a representative “Top 20” set of cyberattacks spread across a spectrum of attack sophistication. These Top 20 attacks have been selected to represent cyber threats to industrial sites across a wide range of circumstances, consequences and sophistication. Many industrial cyber risk practitioners will find the list useful as-is, while expert practitioners may choose to adapt the list to their more detailed understanding of their own sites’ circumstances.
MT81 Keys to Successful Enterprise IoT InitiativesDell EMC World
Success with enterprise Internet of Things (IoT) initiatives begins with strong partnerships between IT and operations technology (OT) organizations and identifying relevant use cases with measurable ROI. Next, choosing the right IoT architecture and technology requires determining the capabilities are needed at the edge and what are needed in the cloud and datacenter to minimize cost and enable analytics-driven action. This session will discusses the challenges involved with introducing sensors and smart devices into your network, including building infrastructure and analytics capabilities , and securing data and applications. Learn how Dell'S IoT-specific gateways, edge analytics software and infrastructure solutions provide flexible architecture options for multiple IoT use cases.
I want to thank everyone who attended this presentation at AFCOM Data Center World Fall 2011 in Orlando, FL.
Studies show the number of data centers deploying virtual cloud computing will rapidly increase in the next five years. Other studies show that the number of Internet attacks and their level of sophistication will also grow significantly. This session identifies approaches to reduce the risk of business disruptions resulting from inadequate virtual security controls in a data center. It will cover utilizing best practices for security configurations, measuring information security status, and making rational decisions about security investments.
Connect with me if you have any questions or need additional information.
Please favorite this if you like it. I look forward to seeing you again soon.
Regards,
Hector Del Castillo
http://linkd.in/hdelcastillo
Architecture centric support for security orchestration and automationChadni Islam
The presentation was prepared for the University of Adelaide School of Computer Science Research Seminar Series. See the slides to know
- what is security orchestration?
- what are the key challenges in this domain?
- how software architecture can play a role in improving the design decision of security orchestration and automation platform?
Review on Security Aspects for Cloud Architecture IJECEIAES
Cloud computing is one of the fastest growing and popular technology in the field of computing. As the concept of cloud computing was introduced in 2006. Since then large number of IT industries join the queue to develop many cloud services and put sensitive information over cloud. In fact cloud computing is no doubt the great innovation in the field of computing but at the same time also poses many challenges. Since a large number of organizations migrate their business to cloud and hence it appears as an attractive target for the malicious attack. The purpose of the paper is to review the available literature for security concerns and highlight a relationship between vulnerabilities, attacks and threats in SaaS model. A mapping is being presented to highlight the impact of vulnerabilities and attacks.
Automated Interpretation and Integration of Security Tools Using Semantic Kno...Chadni Islam
Conference Presentation - CAiSE 2019
A security orchestration platform aims at integrating the activities performed by multi-vendor security tools to streamline the required incident response process. To make such a platform useful in practice in a Security Operation Center (SOC), we need to address three key challenges: interpretability, interoperability, and automation. In this paper, we proposed a novel semantic integration approach to automatically select and integrate security tools with essential capability for auto-execution of an incident response process in a security orchestration platform. The capability of security tools and the activities of the incident response process are formalized using ontologies, which have been used for NLP based approach to classify the activities for the emerging incident response processes. The developed ontologies and NLP approaches have been used for an interoperability model for selection and integration of security tools at runtime for the successful execution of an incident response process. Experimental results demonstrate the feasibility of the classifier and interoperability model for achieving interpretability, interoperability, and automation of security tools integrated into a security orchestration platform.
Setting up Your Staff and Volunteers for SuccessAudienceView
Your staff and volunteers are the face of your organization. They humanize your brand and build meaningful relationships with your patrons and fans to keep them coming back. Without engaged and motivated staff and volunteers, you can’t deliver an exceptional customer experience. As managers and leaders, what can be done to set your teams up for success? In this talk, we’ll examine recruitment and retention and how to design a volunteer program that scales. We’ll also discuss ways to empower your team, how to address conflict, and ways to measure success.
Attendees will learn:
How to build meaningful customer relationships
How to improve your recruiting process
How to design and scale your volunteer program
Private sector cyber resilience and the role of data diodesOllie Whitehouse
This whitepaper intended for enterprise architects and cyber security professionals looks at the role of data diodes in modern network design and operation.
A Study of A Method To Provide Minimized Bandwidth Consumption Using Regenera...IJERA Editor
Cloud storage systems to protect data from corruptions, redundant data to tolerate failures of storage and lost data should be repaired when storage fails. Regenerating codes provide fault tolerance by striping data across multiple servers, while using less repair traffic than traditional erasure codes during failure recovery. In previous research implemented practical Data Integrity Protection (DIP) scheme for regenerating-coding based cloud storage. Functional Minimum-Storage Regenerating (FMSR) codes and it construct FMSR-DIP codes, which allow clients to remotely verify the integrity of random subsets of long-term archival data under a multi server setting. The problem is to optimize bandwidth consumption when repairing multiple failures. The cooperative repair of multiple failures can help to further save bandwidth consumption when multiple failures are being repaired.
Privacy-Preserving Public Auditing for Regenerating-Code-Based Cloud Storage1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
The advancements in cloud computing and leveraging the benefits from
cloud computing to the service providers have increased the deployment of
traditional applications to the cloud. The applications once deployed on the
cloud, due to various reasons, need migration from development
infrastructure to operational infrastructure, one operational instance to other
operational instances due to load balancing and the cycle continues due to the
use of DevOps as development strategies for cloud computing applications.
Advocates of hybrid and public clouds observe cloud computing makes it
possible for organizations to avert or minimize upfront IT infrastructure
expenses. Proponents also assert that cloud computing systems permit
businesses to receive their software up and running faster, using improved
manageability and less maintenance, so it empowers IT teams to rapidly
adapt tools to meet the varying and unpredictable requirements. DevOps is a
lot of practices that mechanizes the procedures between programming
improvement and IT groups, all together that they can fabricate, test, and
discharge programming quicker and even more dependably. The idea of
DevOps is established on building a culture of a joint effort between groups
that generally worked in relative siloes. The guaranteed advantages
incorporate expanded trust, quicker programming discharges, capacity to
explain basic issues rapidly and better oversee impromptu work. Thus, this
work identifies the need for providing multiple security protocols during the
complete life cycle of cloud application development and deployment. This
work proposes a novel framework for automatic selection and deployment of
the security protocols during cloud service deployments. The framework
identifies the need for security aspects and selects the appropriate security
algorithms for virtual machines. The proposed framework demonstrates
nearly 80% improvement over the security policy deployment time.
Presentation at the International Industry-Academia Workshop on Cloud Reliability and Resilience. 7-8 November 2016, Berlin, Germany.
Organized by EIT Digital and Huawei GRC, Germany.
Twitter: @CloudRR2016
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Security and risk analysis in the cloud with software defined networking arch...IJECEIAES
Cloud computing has emerged as the actual trend in business information technology service models, since it provides processing that is both costeffective and scalable. Enterprise networks are adopting software-defined networking (SDN) for network management flexibility and lower operating costs. Information technology (IT) services for enterprises tend to use both technologies. Yet, the effects of cloud computing and software defined networking on business network security are unclear. This study addresses this crucial issue. In a business network that uses both technologies, we start by looking at security, namely distributed denial-of-service (DDoS) attack defensive methods. SDN technology may help organizations protect against DDoS assaults provided the defensive architecture is structured appropriately. To mitigate DDoS attacks, we offer a highly configurable network monitoring and flexible control framework. We present a dataset shift-resistant graphic model-based attack detection system for the new architecture. The simulation findings demonstrate that our architecture can efficiently meet the security concerns of the new network paradigm and that our attack detection system can report numerous threats using real-world network data.
Data Protection in the cloud, On-premises & anywhere in between.
A company’s most important asset is its data. No matter what a business’s data is comprised of, patent filings, architectural blueprints, medical files, customer account details, etc., it is critical to have comprehensive backup and disaster recovery plans to mitigate potential loss or access.
Reducing TCO for Web-Based Applications
Performance-based server consolidation based on the Intel® Xeon® processor 5500 series lowers operating costs and achieves positive return on investment
1. SecureView: Government/Industry Collaboration
Delivers Improved Levels of Security, Performance,
and Cost Savings for Mission-Critical Applications
SecureView provides accredited cross-domain security, delivers the performance for advanced collaboration,
and is estimated to reduce total cost of ownership (TCO) by up to 67 percent over single-domain architectures and
45 percent over an alternative thin-client, multi-domain architecture with results normalized to a four-year refresh
cycle. The SecureView solution is the result of close collaboration among the US Air Force Research Laboratory,
Intel and Citrix, and uses Citrix XenClient™
XTand Intel®
vPro™
technology.
Authors:
Dr. Ryan J. Durante, DR-III, DAFC
Mr. John C. Woodruff, DR-III, DAFC
Cross-Domain Solutions and Innovation
Air Force Research Laboratory
Information Directorate
United States Air Force
White Paper
2. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
2
Table of Contents
Executive Summary.................................................................................................................... 3
Developing SecureView............................................................................................................. 4
SecureView Technology Overview............................................................................................ 5
Comparing the Total Costs of Four Deployment Models......................................................... 5
Environment 1.............................................................................................................................. 6
Environment 2.............................................................................................................................. 6
Environment 3.............................................................................................................................. 7
Environment 4.............................................................................................................................. 7
Cross-Domain Platform TCO Summary..................................................................................... 8
Deployment Costs: Hardware..................................................................................................... 8
Deployment Costs: Implementation, Training and Application Porting/Replacement......... 9
Annual Power Costs..................................................................................................................... 9
Annual Management Costs......................................................................................................... 9
Productivity Losses.................................................................................................................... 10
Security Benefits........................................................................................................................ 10
Conclusion.................................................................................................................................11
3. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
3
Performance and Responsiveness. SecureView can run on
commercially available PCs, laptops or tablets with Intel®
Core™
vPro™
technology-based processors with Intel®
Inte-
grated Graphics. This supports mission effectiveness by
enabling analysts and other users the performance to run
geographic information systems (GIS), multi-party High
Definition , videoconferencing, and other performance-
intensive applications that are essential to modern analysis
and collaboration. SecureView’s client-side intelligent virtual-
ization and local execution avoid the performance degrada-
tions of network latency often encountered with server-side
virtualization. SecureView not only provides a consistently
responsive end-user experience but also offers flexibility for
sites and users that need the flexibility of mobile computing;
allowing users to work productively even when persistent
network connectivity is lacking.The net result is demonstrable
improvements to user productivity.
Costs. SecureView reduces the traditional need for each user
to have separate workstations for each security level. As a
client-hosted virtualization (CHV) solution, it doesn’t require
the network and back-end build-out often necessary with
server-hosted virtualization (SHV) approaches running on
thin-clients. AFRL applied their direct experience in consulta-
tion with industry counterparts to conduct a detailed analysis
of the TCO to deploy, manage, and support SecureView and
three common deployment models. The data provided is
verified by AFRL where available and based on conventional
industry benchmark data otherwise. The concluding analysis
estimates that SecureView reduces annual total (capital and
operational) costs by up to 67 percent compared to single-
domain architectures and up to 45 percent over a widely
deployed thin-client, multi-domain architecture. The study
shows that a site deploying SecureView to 10,000 users over
a four-year period achieves cost savings of up to:
• $63.53 millioncompared to a traditional environment
with independent security levels and three PCs per user
(Environment 1)
• $73.79 million compared to a deployment with single-level
security using two thin-clients and one PC (Environment 2)
• $29.85 million comparedto a multi-level security solution
with one thin-client (Environment 3)3
Executive Summary
Data access and information-sharing strategies for the most
sensitive communities within the US Government must provide
affordability without compromising the most stringent require-
ments for data security and operational efficiency. In a security
environment marked by increasing sophistication and persis-
tent threats, the Office of the Director of National Intelligence
(ODNI) asked the US Air Force Research Laboratory (AFRL)
to lead the development of a solution. AFRL engaged in a
technical collaboration with Intel and Citrix resulting in Secure-
View, a government solution that expands on commercial
off-the-shelf (COTS) capabilities in Citrix XenClient™
and Intel®
Core™ i5 and i7 vPro™ processors.
SecureView has been deployed at more than one dozen
federal agencies and has saved the government millions of
dollars in development and TCO expenses. The solution is less
vulnerable to modification or corruption than traditional soft-
ware-based security solutions and provides unprecedented
performance for mission-critical collaboration and media-
intensive use cases than alternate hardware configurations.
As a hardened client-hosted virtualization (CHV) solution,
SecureView enables independent, concurrent access to multi-
ple security domains. It provides performance that is inde-
pendent of network bandwidth and server contention issues,
providing analysts with consistent responsiveness for visu-
ally intensive analysis and collaboration. SecureView is NIST
800-53 certified as High in both Confidentiality and Integrity,
and Medium in availability. On August 25, 2011, SecureView
received Authority to Operate (ATO) accreditation from the
ODNI. It has been deployed to users at more than one dozen
federal agencies as of November 2012, and is supported on
several Dell and HP desktop and numerous laptop models.
SecureView significantly improves all three vectors of secu-
rity, performance, and cost as compared to both legacy and
contemporary alternatives:
Security. Using hardware-assisted virtualization and security
technologies built into select Intel®
processors and chipsets,
SecureView is less vulnerable to modification or corruption
than traditional software-based security solutions. Secure-
View’s advanced isolation provides the ability to run multiple
securely isolated environments on a single PC. It includes a
hardware-assisted trusted boot that verifies the integrity of
the virtual desktop at launch, as well as hardware-assisted,
accelerated disk encryption.
4. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
4
Developing SecureView
The 9/11 Commission highlighted the critical importance of
collaboration to enable intelligence analysts to accurately and
fully assess threats and share their findings across agencies
to help prevent attacks. They must do this in a world where
cyber-espionage, cyber-criminals, and cyber-terrorists pose
an ever-increasing threat. A serious security breach to the
intelligence and broader government community can do seri-
ous harm to the nation’s well-being, as well as confidence in
the technology infrastructure.
Groups with responsibility for developing secure, cost-effective
and powerful client environments for defense analysis have
tried a number of approaches, but each presented problems
that have become widely recognized.4
Traditionally, analysts
used a separate PC for each security domain they needed
access to (e.g., secret or top secret). This approach was expen-
sive to implement and support, as well as cumbersome and
inconvenient for end-users. The emergence of thin-clients and
desktop virtualization increased manageability and, in some
cases, made it possible to provide users the convenience of
a single client system. However, with workloads running on
back-end servers, deployment requires costly data center
build-out for servers, networks, and storage. Even with these
infrastructure investments performance has often been found
to be inadequate for modern visually based applications. The
result has been a poor user experience that reduces analysts’
productivity and impacts their effectiveness in using modern,
visually based applications.
Figure 1. SecureView annual TCO. Other environments are 176 percent, 205 percent, and 83 percent higher, respectively, than the SecureView
baseline (Environment 4). Results are derived from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation
with industry experts.
100%
200%
300%
350%
0%
SecureView Annual TCO Compared to Other Architectures
176%
higher cost
205%
higher cost
83%
higher cost
0%
higher cost
Environment 1
Single-level security,
three PCs
Environment 2
Single-level security,
one PC and two
thin clients
Environment 3
Multi-level security,
one thin client
Environment 4
Multi-level security,
one PC with Intel®
Core™
vPro™
technology and
Citrix Xen Client XT
% Higher Annual TCO
Compare to SecureView
Baseline SecureView
AFRL developed SecureView in response to a direct request
from the Deputy Director for Information Assurance of the
ODNI.ODNI requested the development of a secure, robust
workstation that would support high-performance applica-
tions and provide independent and concurrent access to
multiple security domains from a single client system. ODNI
specified that the solution handle highly sensitive/secure infor-
mation with zero tolerance for data exfiltration, be deploy-
able with minimal impact to the host agency, and be capable
of provisioning within four hours. ODNI wanted the solution
within 10 months, requiring rapid development and delivery
of an innovative solution.
AFRL evaluated more than a dozen solutions, and established
collaboration with Citrix and Intel to enhance and utilize Citrix
XenClient software, which uses hardware security capabilities
that Intel has built into its Intel vPro technology-based proces-
sors. AFRL used Citrix XenClient XT, a commercial off-the-shelf
(COTS) solution which had been modified and enhanced with
government-specified capabilities. The team added further
government off-the-shelf (GOTS) enhancements to XenClient
XT to produce the government solution called SecureView.
XenClient and XenClient XT derive from the Xen.org Open
Source Development Community, a widely used and well-
tested open source operating system that runs an estimated
80 percent of the public infrastructure cloud.
5. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
5
SecureView Technology Overview
SecureView’s technology foundation is Intel vPro technology
and Citrix XenClient XT—technologies that efficiently combine
hardware and software to improve security, manageability, and
performance of the client computing environment. Secure-
View is a flexible virtualization solution that runs on clients
in either client-hosted or server-hosted modes of operation.
Server-hosted modes use a thin virtual machine (VM), with a
minimal operating system running on the client and applica-
tions executing on server infrastructure within the environ-
ment. In client-hosted modes, the end point operates a full
operating system and applications execution within virtual
containers. This TCO study assumes client-hosted operation
for SecureView.
SecureView provides integrated, hardware-based functional-
ity that supports multiple operating system environments and
security domains on each end-user PC desktop or notebook
via virtual containers. These capabilities are supported by
Intel®
Virtualization Technology (Intel®
VT)and provide safe-
guards, via Intel®
Trusted Execution Technology (Intel®
TXT) to
protect each virtual environment from malware contamination.
Intel®
Advanced Encryption Standard New Instructions (Intel®
AES-NI)accelerates disk encryption. These hardware-aided
security technologies render SecureView clients inherently
less vulnerable than traditional software-only approaches.
Additionally, new integrated graphics capabilities improve
handling of high-resolution imagery and 3D graphics.
SecureView implements a true Type 1 “bare metal” client
hypervisor to provide robust data and computer resource
isolation by using Intel vPro technology and XenClient XT.
SecureView provides hardware-assisted trusted boot, main-
tains isolation between multiple independent virtual machines
(VMs), and verifies the integrity of the client at launch. The
trusted computing base configuration state is measured,
encrypted, and the measurements are sealed at installation.
Upon subsequent system start, the computing base is
re-measured and the encryption keys are unsealed only if
they match the appropriate cryptographic response from a
trusted platform module (TPM). XenClient XT Synchronizer™
enables SecureView to download centrally managed virtual
desktops. Using Synchronizer, IT can centrally back up user
data through a secure connection whenever the user connects
to the network, define security policies for managed devices,
disable XenClient PCs, and restore a user’s virtual desktop on
any XenClient-based device.
Comparing the Total Costs of Four
Deployment Models
SecureView was developed to harden security within the
intelligence community and increase analysts’ effectiveness
by improving their ability to use visually rich graphics, media,
and collaboration tools.SecureView also delivers significant
savings in both operational and capital expenses compared
to prevalent alternative approaches. To assess these savings,
AFRL compared SecureView’s operational costs to those of
three other client computing environments, reflecting the
evolution of government agencies’ approaches to providing
access to multiple security levels.
To develop the analysis, AFRL worked closely with a business
value analyst from Intel, and used a comprehensive client-
compute TCO model that has been applied in a range of
business and government environments.The analysis uses data
from actual deployments at AFRL where such data was avail-
able, and used respected sources of industry data, such as Prin-
cipled Technologies’ TCO Calculator, when it was not.The study
assumes that SecureView is deployed in a client-hosted mode.
The analysis calculates the costs to deploy and support
10,000 users for government environments which commonly
use either desktop PCs over a life cycle of four years, and/or
thin-client, server-hosted client environments with six-year life
cycles. This comprehensive view includes the necessary build-
out costs for client, server, network and other hardware over
the entire life cycle. It considers power costs, the costs of
pre-deployment preparation, deployment, and ongoing
management costs over the upgrade cycle. The analysis also
factors in user productivity impacts for each solution.
The analysis compared SecureView to two traditional, segre-
gated architectures, where users have a separate client system
for each security level, and a third, contemporary approach
which provides comparable domain segregation. These archi-
tectures are more fully described on following page.
SecureView Architecture
Intel®
vPro™
Hardware
XenClient XT
User VM
VT-D
SE
Linux
TXT
AES NIVT-X
User VM
Service VMs
SE
Linux
SE
Linux
SE
Linux
Xen Security Modules
Control
Domain
XenClient
XenClient XT Unique
Receiver
forXC
Network
Isolation
VPN
Isolation
Policy
Granularity
Policy
Granularity
Figure 2. SecureView technology architecture
6. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
6
Environment 1
Traditional single-level security environment with typically
managed rich desktops. Each user has a separate PC, moni-
tor, and network connection to back-end infrastructure for
multiple security domains (e.g., secret, top secret, and one or
more coalition domains). The TCO analysis assumed a four-
year upgrade cycle for this model.
Environment 2
Single-level security environment, thick and thin-clients. Again,
the user has a separate client system for each security domain,
but some domains are accessed via thin-clients, with access
servers providing a portal to back-end infrastructure for each
client. Applications on Domain A typically run on the PC, to
facilitate performance-sensitive applications. Environment 2
has an assumed upgrade cycle of six years.
Figure 4. Environment 2. Single-level security, one PC and two thin clients.
Figure 3. Environment 1. Single-level security, three PCs.
Environment 1
Domain A
Network Storage with
Network Services
Workstation 1
Domain B
Network Storage with
Network ServicesWorkstation 2
Domain C
Network Storage with
Network ServicesWorkstation 3
Environment 2
Domain A
Network Storage with
Network Services
Workstation 1
Network Storage with
Network Services
Domain B
Access Servers
Thin Client 1
Domain C
Access Servers Network Storage with
Network Services
Thin Client 2
7. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
7
Environment 3
Multi-level secure environment with a single thin-client and
session (access servers) to provide concurrent connections
to all three security levels. The analysis uses data from a
commonly deployed, multi-level thin-client environment for
this model. The assumed upgrade cycle for Environment 3
is six years.
Figure 5. Environment 3. Multi-level security, one thin client.
Environment 4
SecureView multi-level secure environment with a single intel-
ligent, virtualized PC running Citrix XenClient XT and powered
by Intel Core vPro processors providing concurrent, indepen-
dent access to all three domains. The assumed upgrade cycle
is four years.
Figure 6. Environment 4. SecureView: Multi-level security, one PC with Intel®
Core™
vPro™
technology and Citrix XenClient XT.
Environment 3
Domain A
Network Storage with Network Services
Domain B
User Session
Servers
User Desktop
Thin
Domain C
Environment 4
Domain A
Network Storage with
Network Services
SecureView
vPro Workstation
Network Storage with
Network Services
Domain B
Domain C
Standard COTS VPN
Concentrator(s)
Single Encrypted
“Grey Wire” to Workstation
Network Storage with
Network Services
8. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
8
Cross-Domain Platform TCO Summary
Table 1 summarizes the cross-domain platform TCO for a deploy-
ment of 10,000 seats. It is followed by a brief discussion of the
analysis and some of the major assumptions made. Figure 7
summarizes annual TCO including productivity savings.
Deployment Costs: Hardware
As expected, the acquisition cost for SecureView PCs is higher
than that of thin-clients: $13.39 million for 10,000 PCs to $12.07
million for 10,000 thin-clients. However, these acquisition costs
are more than offset by the added costs of server and network
infrastructure build-out, among other issues.
Server and network infrastructure add significant costs to the
deployment of thin-client models.Thin-clients require serv-
ers to provide access/presentation services, as well as, server
infrastructure to run the server-hosted applications. The analy-
sis calculates the clients supported per server based on AFRL’s
experiences, and lab tests funded by Intel and conducted by
Principled Technologies. The analysis details the combined
costs for access infrastructure servers for the two thin-client
scenarios (Environments 2 and 3), session servers for the
multi-security level thin-client scenario (Environment 3), and
management servers for all four environments constitutethe
server deployment costs shown in Table 2.
Figure 7. Annual TCO including productivity costs for 10,000 users.11
Table 1. Cross-Domain Platform TCO Summary for a 10,000 Seat Deployment**
Siloed Domain Access, Single-Level Concurrent Multi-Domain Access, Multi-Level
Client Compute Platform Single-Domain,
3 Desktops
Environment 1
Single-Domain, 2 Thin-
clients + 1 Desktop
Environment 2
Multi-Domain,
1 Thin-client
Environment 3
SecureView: Multi-
Domain, 1 vPro PC
Environment 4
TCO Summary Including Lost Productivity Costs
Annual costs per client $2,489 $2,745 $1,647 $901
TCO per client for the upgrade cycle $9,956 $16,472 $9,881 $3,602
TCO for all clients for the upgrade cycle $99,560,000 $164,720,000 $98,810,000 $36,023,000
TCO per year for all clients $24,890,000 $27,450.000 $16,470,000 $9,006,000
TCO Summary Excluding Lost Productivity
Annual costs per client $2,489 $2,383 $1,103 $901
TCO per client for the upgrade cycle $9,956 $14,297 $6,617 $3,602
TCO for all clients for the upgrade cycle $99,560,000 $142,970,000 $66,174,000 $36,023,000
TCO per year for all clients $24,890,000 $23,830,000 $11,029,000 $9,006,000
Annual Cost Breakdown
One year annualized deployment cost $9,466,000 $9,808,000 $6,644,000 $4,171,000
Power per year $884,000 $951,000 $386,000 $295,000
Manageability per year $14,538,000 $13,068,000 $3,999,000 $4,540,000
Productivity lost per year $0 $3,626,000 $5,439,000 $0
Total $24,888,000 $27,453,000 $16,468,000 $9,006,000
TCO Breakdown
One-time deployment costs $37,870,000 $58,850,000 $39,870,000 $16,690,000
Power for the entire upgrade cycle $3,540,000 $5,710,000 $2,310,000 $1,180,000
Manageability for the entire upgrade cycle $58,150,000 $78,410,000 $23,990,000 $18,160,000
Productivity lost for the entire upgrade cycle $0 $21,760,000 $32,630,000 $0
Total $99,560,000 $164,730,000 $98,800,000 $36,030,000
**Table is drawn from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation with industry experts. Data for Environments 1 and 2 are largely based on industry data sources. Key assumptions
for Environments 3 and 4 are drawn from common industry data sources, such as Principled Technologies’ TCO Calculator, when actual data was not available.Key assumptions in the analysis include: SecureView deployment in a
thick mode of operation; users wages are assumed to be $41 per hour, IT wages are assumed to be $63 per hour; client power state assumes 8 hours.10
On and 16 hours standby per workday; cooling power is assumed to be 1 W per
system watt; power cost is assumed to be $0.1 per kWh; annual client management activities are assumed to consist of 12 asset inventories, 14 patch installations, and 5 helpdesk calls per client.
30
25
20
15
10
5
0
Environment 1
Single-level
security,
three PCs
Environment 2
Single-level
security,
one PC and two
thin clients
Environment 3
Multi-level
security,
one thin client
Environment 4
Multi-level security,
one PC with Intel®
Core™
vPro™
technology and
Citrix Xen Client XT
Productivity lost per year
Manageability per year
Power per year
$MILLIONS
Annual TCO
Including Productivity Costs
One year's annualized
deployment cost
9. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
9
Annual Power Costs
The analysis factors in the costs of power consumption and
cooling for PCs, thin-clients and monitors, as well as for serv-
ers required to support the client environments. The single-
domain, three-PC environment modeled (Environment 1) had
recently replaced its PCs. Environments with older PCs would
see greater energy savings from refreshing their PCs and
deploying SecureView, since new PCs consume significantly
less power than older ones. The study assumed three monitors
per user for the single-domain implementations (Environments
1 and 2), and two monitors each for the two multi-domain
implementations (Environments 3 and 4). Table 5 shows that
SecureView is the most energy-efficient of the four solutions
with the lowest expenditures on power.
Annual Management Costs
Client management tasks are assumed to consist of 12 asset
inventories, 14 patch installations, and 5 helpdesk calls per
client per year.
Table 2. Hardware Deployment Costs Summary for 10,000 Users
Single-Domain,
3 Desktops
Single-Domain,
2 Thin, 1 PC
Multi-Domain,
1 Thin
SecureView**
Server deployment costs $3,240,000 $7,870,000 $12,210,000 $1,080,000
Desktop and thin-client costs $31,880,000 $30,800,000 $12,070,000 $13,390,000
Network cost (client port, VPN) $3,750,000 $3,750,000 $1,250,000 $1,280,000
Total hardware deployment costs $38,870,000 $ 42,420,000 $25,530,000 $15,750,000
**Table is drawn from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation with industry experts.
Table 3. Data Center Costs for the Entire Upgrade Cycle for 10,000 Users
Single-Domain,
3 Desktops
Single-Domain,
2 Thin, 1 PC
Multi-Domain,
1 Thin
SecureView**
Construction costs $40,000 $353,000 $600,000 $13,000
Port costs $130,000 $1,145,000 $1,944,000 $43,000
Wiring costs $7,000 $64,000 $108,000 $2,000
Total data center costs $177,000 $1,562,000 $2,652,000 $58,000
**Table is drawn from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation with industry experts.
Note that the cost of server power is a recurring cost and is included in the annual power cost shown in Table 5.
Data center build-out factors to support the server infrastruc-
ture for all four deployment environments are also factored
into overall deployment costs, and shown in Table 3.
It should be noted that the analysis did not consider the fact
that Environments 2 and 3 introduce the server as a single
point of failure for multiple clients, since one server typically
takes on the entire processing load of multiple clients. This risk
can be mitigated through server and network redundancy, but
this would further increase capital expenses and complexity of
thin-client supporting infrastructure.
Deployment Costs: Implementation, Training
and Application Porting/Replacement
In AFRL’s experience, SecureView is a dramatically easier and
faster approach to analyze, define, and validate requirements,
and therefore, a superior implementation solution for cross-
domain security than either of the thin-client-based environ-
ments. At the same time, it is also the most cost-effective
approach. The savings in Table 4 reflect roughly a tenfold
difference in the costs of implementation and porting or
replacing applications.
10. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
10
Productivity Losses
Productivity analysis is based on lab tests conducted by
Principled Technologies, assuming a user wage is $41 per
hour and an IT wage of $63 per hour. The analysis estimated
conservatively that users in these multi-level security, thin-
client scenarios (Environments 2 and 3) would lose 3.25
minutes each day on each of their thin-clients due to server or
network congestion. This results in a daily loss of $22,000 of
user productivity across 10,000 users or $5.439 million annually
for the multi-domain solution with a single thin-client (Environ-
ment 3). Environment 2, with a single PC and two thin-clients,
results in annual lost productivity of $3.626 million. Note that
the summary table reports the TCO results both with and with-
out these productivity costs included.
The study assumed the cost and performance of common
application or resource servers, such as those providing file,
e-mail, database, Web services, and network services such as
Active Directory and Domain Name System (DNS) hosting,
would be uniform across all environments. Therefore, these
were not included in the TCO analysis.
Table 4. Implementation, Training and Application Porting/Replacement Costs for 10,000 Users**
Single-Domain,
3 Desktops
Single-Domain,
2 Thin, 1 PC
Multi-Domain,
1 Thin
SecureView**
Implementation costs $34,000 $498,000 $464,000 $50,000
Training costs $0 $1,550,000 $1,600,000 $1,211,000
Application porting and replacement costs $38,000 $3,546,000 $3,508,000 $38,000
** Table is drawn from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation with industry experts.
Table 5. Power Costs per Year for 10,000 Users**
Single-Domain,
3 Desktops
Single-Domain,
2 Thin, 1 PC
Multi-Domain,
1 Thin
SecureView**
Total power consumed (kWh) 8,844,000 9,514,000 3,856,000 2,948,000
Cost of power $884,400 $951,400 $385,600 $294,800
** Table is drawn from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation withindustry experts.Client power state assumes 8 hours on and 16 hours Standby per workday. Cooling power is
assumed to be 1 W per system watt. Power cost is assumed to be $0.1 per kWh.
Table 6. Total Management Costs per Year**
Single-Domain,
3 Desktops
Single-Domain,
2 Thin, 1 PC
Multi-Domain,
1 Thin
SecureView**
Total manageability costs $14,538,000 $13,068,000 $3,999,000 $4,540,000
** Table is drawn from a detailed spreadsheet resulting from the TCO analysis conducted by AFRL in consultation withindustry experts.
Security Benefits
SecureView’s most important benefits did not lend themselves
to inclusion in the analysis. Specifically, there is no quantifica-
tion of the increase in information security provided by the
SecureView technologies or any attempt to monetize the cost
of a potential breach in information security. However, it is
worth noting that Ponemon Institute estimates the organiza-
tional cost of a single data breach at $5.5 million.12
Given the
sensitivity of the information that SecureView users work with,
the cost of a security breach could be literally incalculable.
Given that SecureView’s landmark utilization of hardware-
assisted security is intrinsically less vulnerable to modification
or corruption than alternative, software-only solutions, there
is additional, critical intrinsic value of risk reduction from data
exfiltration and infiltration.
11. White Paper: SecureView: Government/Industry Collaboration Delivers Improved Levels of Security, Performance, and Cost Savings for Mission-Critical Applications
11
Conclusion
SecureView provides independent, concurrent access to
multiple security domains from a single client platform, which
is vital to the nation’s security.The architecture establishes a
new best-of-breed baseline in meeting the US Government’s
requirements for a secure data analysis and collaboration
environment that is robust, affordable, easily deployablein
multiple client configurationsand supportsmission effec-
tiveness by enabling analysts to run the latest visually based
software tools without sacrificing user experience.
With its flexible architecture and foundation in COTS technol-
ogies, SecureView is a readily deployable solution that enables
agencies to achieve the cost and manageability benefits of
modern desktop virtualization while increasing the security
of the information infrastructure. It provides the flexibility of
a server-hosted or a lower-cost client-hosted mode of opera-
tion, and offers straightforward ways for organizations to add
security domains as project requirements change. In addition,
SecureView is not a closed proprietary solution—it is based on
Xen open source hypervisor and COTS hardware technologies
that are easily accessible and affordable to acquire by govern-
ment and private sector enterprises.
SecureView not only provides the convenience of multi-
domain access from a single client without performance
compromises, but it is also distinguished from alternate
approaches by setting a precedent inextending the secure
multi-domain access boundary to mainstream mobile use
environments. Its availability on Intel Core vPro processor-
based notebook computers, along with an increasing variety
of cutting-edge business Ultrabooks™ and tablets, enables
security-sensitive users the flexibility to function in a wider
range of settings, including those where a persistent network
connection is unavailable.
The project execution of AFRL, Intel and Citrix is an excellent
example of effective government/industry collaboration. The
commitment and teamwork coupled with the use of robust
COTS technologies enabled AFRL to meet ODNI’s request
within months and deliver a solution that enhances the security
of some of the nation’s most critical information infrastructure
and assets. SecureView not only improves the productivity and
effectiveness of intelligence analysts and other key users by
enabling them to better support their organization mission,
it does so with dramatic cost savings.