Data security is a great concern for organizations and individuals. Although there are many ways to protect information within a particular system or environment, the information is placed at risk of interception or theft whenever it is communicated to a less secure system or environment. To prevent sensitive information from being stolen, security requirements may forbid its transmission over insecure channels or to a less secure system. But, because systems are commonly operated at different security levels, the communication of information between systems having different security levels is often unavoidable. For instance, a network's infrastructural limitations may require that information be transmitted between systems over insecure (e.g., unencrypted) communication channels. Alternatively, an insecure system (e.g., a business resource planning system) may rely on information provided by a secure system (e.g., a classified system).
In many cases, however, only a portion of the information included in a communication is sensitive, and the insecure system that receives the communication may not even require this portion. Thus, the sensitive portions may be removed before the information is communicated, with little or no impact on the recipient. For example, a classified military command and control information system (“C2IS”) supporting ongoing military operations may exchange information with a relatively insecure information system providing logistical support. The logistical system may require only enough information to track quantities of supplies and materials required by the operations, without needing specific operational details that are highly classified.
In some prior solutions, a person responsible for communicating a message including classified information to a recipient at an insecure location was required to create a new message by manually copying the unclassified portions into an empty message template. This redacted version of the original message was permitted to be transmitted to the recipient. Such solutions, however, are obviously time-consuming and prone to human error.
Another prior approach uses Extensible Stylesheet Language (“XSL”) files that define the content and structure of Extensible Markup Language (“XML”) messages. Using a predefined XSL file, a message may be transformed into a new message that includes only the unclassified parts of an original, classified XML message. However, because the use of XSL files is limited to XML documents having similar structure, this approach restricts the variety of XML documents that may be processed. If several different XML files with different structures are to be processed, a different XSL file must be written for each structure and, at a later time, the appropriate XSL file must be selected to process the corresponding XML message. Furthermore, the creation and development of such XSL files is very time-consuming and requires in-depth knowledge of the XSL programming language.
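The structure dependence described above can be seen in a short added example (not part of the original text), written in Python with path-based rule sets standing in for XSL files. The message layouts, element names and the `classification` attribute are assumptions made for illustration, and the example goes one step beyond the text by adding a release check that withholds a message when no rule set matches or marked content survives.

```python
import copy
import xml.etree.ElementTree as ET

# Constructed messages; all element and attribute names are assumptions.
ORDER = ('<order><supply item="fuel" quantity="400"/>'
         '<operation classification="SECRET">objective at grid 1234</operation></order>')
REPORT = ('<report><line><supply item="fuel" quantity="400">'
          '<route classification="SECRET">via grid 1234</route></supply></line></report>')

# One rule set per message structure, standing in for one XSL file each:
# root tag -> paths of the elements copied into the releasable message.
RULES = {"order": ["./supply"]}


def apply_rules(root, paths):
    """Copy only the elements matched by paths (like xsl:copy-of) into a new message."""
    out = ET.Element(root.tag)
    for path in paths:
        out.extend([copy.deepcopy(el) for el in root.findall(path)])
    return out


def marked(elem):
    """Tags of elements that still carry a classification marking."""
    return [e.tag for e in elem.iter() if "classification" in e.attrib]


def release(xml_text, rules=RULES):
    """Select the rule set by root tag, redact, and withhold the message on any doubt."""
    root = ET.fromstring(xml_text)
    if root.tag not in rules:
        raise ValueError(f"no rule set for <{root.tag}>; message withheld")
    out = apply_rules(root, rules[root.tag])
    if marked(out):
        raise ValueError(f"marked content survived redaction: {marked(out)}")
    return ET.tostring(out, encoding="unicode")


if __name__ == "__main__":
    print(release(ORDER))  # the structure the rule set was written for
    # The order rules applied to the report structure match nothing at all.
    wrong = apply_rules(ET.fromstring(REPORT), RULES["order"])
    print(ET.tostring(wrong, encoding="unicode"))
    # A looser path meant to cover both structures copies the nested marked element.
    print(marked(apply_rules(ET.fromstring(REPORT), [".//supply"])))
```
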