Multi-domain information sharing (MDIS) relies on a cross domain solution (CDS) to move information between different security domains. A CDS can include an integrated system of hardware and software that enables transfer of information among incompatible security domains or levels of classification. A CDS can include solutions for information assurance that provide the ability to manually or automatically access or transfer information between two or more differing security domains. Three common types of CDS are access, multilevel, and transfer. An access-type CDS enables user interaction with multiple domains from a single computer, but strictly isolates each interaction to a single domain at a time and permits no information flow between domains. A multilevel-type CDS also enables user interaction with multiple domains from a single computer, but permits simple information flow between domains as regulated by a mandatory security policy. A transfer-type CDS permits information flow between domains as regulated by a more complex mandatory security policy, but it does not enable user interaction with those domains from the same computer that enables the information flow. Instead, user interaction with a domain requires accessing a separate computer designated for that domain.
A transfer-type CDS, which can also be referred to as a guard, may be deployed at the edge of a physical network that defines a security domain. In order for information to flow from one domain to a different domain, there must be a suitable guard between them, and the guard must provide the only communication link between those domains. As the number of domains that require information flow between them increases, so does the number of guards to be deployed and managed. In addition, virtualizing computer hosts and computer networks can limit the ability to rely on physical hardware isolation to guarantee non-bypassability of the guard.
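The non-bypassability requirement above can be audited as a graph property: with every guard removed from the topology, no path may remain between hosts of different domains. The following is an added example, not part of the original text; the topology, the node names, and the treatment of unlabeled nodes (such as `vswitch0`) as shared infrastructure are constructed assumptions.

```python
from collections import deque

def find_bypasses(links, domain_of, guards):
    """Map each domain pair to the shortest guard-free path joining it."""
    adj = {}
    for a, b in links:
        if a not in guards and b not in guards:  # delete guards from the graph
            adj.setdefault(a, set()).add(b)
            adj.setdefault(b, set()).add(a)
    bypasses = {}
    for start in sorted(n for n in adj if domain_of.get(n)):
        parent, queue = {start: None}, deque([start])
        while queue:
            node = queue.popleft()
            dom = domain_of.get(node)  # None = shared infrastructure (assumed)
            if dom and dom != domain_of[start]:
                path, hop = [], node
                while hop is not None:
                    path.append(hop)
                    hop = parent[hop]
                pair = tuple(sorted((domain_of[start], dom)))
                if pair not in bypasses or len(path) < len(bypasses[pair]):
                    bypasses[pair] = path[::-1]
                continue  # reached the other domain; no need to walk inside it
            for nxt in sorted(adj[node]):
                if nxt not in parent:
                    parent[nxt] = node
                    queue.append(nxt)
    return bypasses

# Constructed topology: two domains joined only by guard1.
DOMAIN_OF = {"low-ws1": "low", "low-sw": "low", "low-vm": "low",
             "high-srv1": "high", "high-sw": "high", "high-vm": "high"}
GUARDS = {"guard1"}
PHYSICAL = [("low-ws1", "low-sw"), ("low-sw", "guard1"),
            ("guard1", "high-sw"), ("high-sw", "high-srv1")]
# Constructed virtualization case: VMs from both domains share one virtual switch.
VIRTUAL = PHYSICAL + [("low-vm", "low-sw"), ("high-vm", "high-sw"),
                      ("low-vm", "vswitch0"), ("high-vm", "vswitch0")]

if __name__ == "__main__":
    print("physical:", find_bypasses(PHYSICAL, DOMAIN_OF, GUARDS))
    print("virtual: ", find_bypasses(VIRTUAL, DOMAIN_OF, GUARDS))
```

An empty result means the guard is the only link between the domains; any returned path is a link that has to be removed or routed through a guard.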