1. Statement of the Technical Field
The inventive arrangements relate to data synchronization systems, and more particularly to data synchronization of secure electronic devices.
2. Description of the Related Art
There is a growing need to develop electronic information processing devices capable of storing, processing, and communicating data at multiple levels of security classification. For example, the security classification levels can include information designated as Top Secret, Secret, Confidential, Sensitive, and unclassified. The information processing devices developed for these secure devices must be able to synchronize managed data between a network server and network-attached device (e.g. desktop computer) or between a host device (e.g. desktop computer) and a locally-connected device (e.g. personal digital assistant). The managed data to be synchronized is often address book, calendar, task list, notes and/or e-mail information that has been saved at multiple security levels.
Current network-attached electronic devices perform synchronization of data at only a single-level of security classification “in-the-clear” (unencrypted); the user signs-on to the network-attached device which is connected via the network to a server computer. Thereafter, managed data objects at that 1 security level are updated.
Current portable electronic devices (PED) perform synchronization of data at only a single-level of security classification, namely “in-the-clear” (unencrypted), with no user authentication. The user simply plugs his/her PED into a cradle which is connected via a serial/Bluetooth link to a desktop computer that the user has logged into. Thereafter, managed data objects at that one security level are updated.
Certain types of information processing systems, including PEDs and personal computers, have been developed that are specifically designed to allow for processing of classified data having various designated levels of security. For example secure computers and even secure PDA devices known in the art. These devices typically utilize a trusted operating system, trusted microprocessors, and trusted human/machine interfaces. Such devices generally satisfy the requirements for accessing single-level secure (SLS) or multi-level secure (MLS) file systems.
MLS is a class of systems that contain information with different sensitivities. MLS systems simultaneously permit access to data by users with different security clearances without compromising security. Thus, MLS data file systems allow information about different sensitivities (classifications) to be stored in an information system. These systems are also designed to allow users having different clearances, authorizations, and need-to-know, the ability to process information in the same system. Significantly, however, these systems prevent users from accessing information for which they are not cleared, do not have proper authorization, or do not have a need-to-know.
In a single level secure system (SLS), a user can have secure access to classified data at a single defined security level. The level of access can be limited by the current user security classification sign-on level and a security classification assigned to secure user processor. The secure processing system can have a single level of secure data contained in its file system. Alternatively, the file system can be an MLS system, but user access can be limited to a single secure level, such as the confidential file system, secret level file system, or top secret levels file system contained on the MLS file system.