Transcription of Army Cross Domain Solution and Data Transfer Management
1 UNCLASSIFIED Department of the Army Pamphlet 25 2 1 Information Management : Army Cybersecurity Army Cross Domain Solution and data Transfer Management Headquarters Department of the Army Washington, DC 12 April 2019 SUMMARY DA PAM 25 2 1 Army Cross Domain Solution and data Transfer Management This administrative revision, dated 31 May 2019 o Corrects the e-mail address (title page). This new publication, dated 12 April 2019-- o Provides guidance on Cross Domain approval processes and procedures, relating to the connection of a Cross Domain Solution between differing security domains, for Army Cross Domain Solution customers (chaps 1, 2, and 5). o Contains instructions for Army organizations to effectively acquire Cross Domain Solution capabilities (chap 3).
2 O Provides the procedures required for manual data transfers across security domains, when access to a Cross Domain Solution is not available and using removable media is required for the mission (chap 4 and para 5 4). DA PAM 25 2 1 12 April 2019 UNCLASSIFIED i Headquarters Department of the Army Washington, DC Department of the Army Pamphlet 25 2 1 12 April 2019 Information Management : Army Cybersecurity Army Cross Domain Solution and data Transfer Management History. This publication is a new De-partment of the Army pamphlet. Summary. This pamphlet provides guid-ance for assessing, approving, acquiring, and using Cross Domain solutions within the Department of the Army. It supports AR 25 2 and Army cybersecurity.
3 This pam-phlet provides amplifying procedures and guidance for AR 25 2. Applicability. This pamphlet applies to the Regular Army, the Army National Guard/Army National Guard of the United States, and the Army Reserve, unless otherwise stated. Proponent and exception authority. The proponent for this pamphlet is the Army Chief Information Officer/G 6. The proponent has the authority to approve ex-ceptions or waivers to this pamphlet that are consistent with controlling law and regula-tions. The proponent may delegate this ap-proval authority, in writing, to a division chief within the proponent agency or its di-rect reporting unit or field operating agency, in the grade of colonel or the civil-ian equivalent.
4 Activities may request a waiver to this pamphlet by providing justi-fication that includes a full analysis of the expected benefits and must include formal review by the activity s senior legal officer. All waiver requests will be endorsed by the commander or senior leader of the request-ing activity and forwarded through their higher headquarters to the policy propo-nent. Refer to AR 25 30 for specific guid-ance. Suggested improvements. Users are invited to send comments and suggested improvements on DA Form 2028 (Recom-mended Changes to Publications and Blank Forms) directly to the Office of the Army Chief Information Officer/G 6 (SAIS PRG), 107 Army Pentagon, Wash-ington, DC 20310 0107 (email: usarmy.)
5 Distribution. This pamphlet is available in electronic media only and is intended for the Regular Army, the Army National Guard/Army National Guard of the United States, and the Army Reserve. Contents (Listed by paragraph and page number) Chapter 1 Introduction, page 1 Purpose 1 1, page 1 References 1 2, page 1 Explanation of abbreviations and terms 1 3, page 1 Applicability 1 4, page 1 Chapter 2 Cross Domain Solution Overview, page 1 Background 2 1, page 1 Chapter 3 Cross Domain Solution Approval Process, page 2 Cross Domain Management 3 1, page 2 Cross Domain Solution approval process 3 2, page 3 Supporting documentation 3 3, page 3 Chapter 4 data Transfers Across Security Domains, page 3 Manual data Transfer requirements 4 1, page 3 Required documentation 4 2, page 4 Contents Continued ii DA PAM 25 2 1 12 April 2019 Transition guidelines 4 3.
6 Page 5 Automated services available for data Transfer across security domains 4 4, page 5 Manual data Transfer services across security domains 4 5, page 5 Chapter 5 Additional Cross Domain Solution Resources, page 6 Points of Contact 5 1, page 6 Online resources 5 2, page 6 Technical assistance 5 3, page 6 Computer-based training 5 4, page 6 Appendixes A. References, page 7 Figure List Figure 2 1: Army Cross Domain Solution and Security Domain Structure, page 2 Glossary DA PAM 25 2 1 12 April 2019 1 Chapter 1 Introduction 1 1. Purpose The Army Cross Domain Management Office (CDMO), within the Cybersecurity Directorate of the Chief Information Officer (CIO)/G 6, Army, sets the guidance for this Department of the Army (DA) pamphlet (Pam).
7 The Army CDMO is the Cross Domain support element (CDSE) for the Army, and provides Cross Domain Solution (CDS) oversight at the Head-quarters, Department of the Army (HQDA) level. This DA Pam provides guidance on Cross Domain approval processes , and procedures, on how to connect a CDS between differing security domains. It also helps Army organizations to obtain CDS capabilities effectively and efficiently, and to steer manual data transfers across security domains, when a CDS is not available. 1 2. References See appendix A. 1 3. Explanation of abbreviations and terms See the glossary. 1 4. Applicability a. The procedures in this DA Pam will help protect classified and sensitive Army information from unauthorized dis-closure inadvertent or intentional caused by improper methods of conducting data transfers across security domains.
8 It also provides cybersecurity CDS guidance to protect classified networks from potential malicious intent by use of a CDS. Further, it applies to all Army secret and below interoperability (SABI) CDSs governed by the Department of Defense (DOD) connection approval process, and managed by the Army HQDA CIO/G 6 Cybersecurity Directorate. The HQDA CIO/G 6 Special Access Programs (SAP) Office processes CDS connections involving SAPs. (See contact information for the Army SAP office in para 5 1.) b. This document does not authorize declassification or downgrading the classification of information, but reduces the inherent technical risks of data Transfer . The original classification authority conducts information declassification and downgrading.
9 This document is not applicable for the Joint Worldwide Intelligence Communications System (JWICS) or for top secret sensitive compartmented information (TS SCI). (See contact information for Army CDS involving JWICS or TS SCI data in para 5 1.) c. This document does not address the specific procedures required while handling removable media. Find additional information and guidance for specific processes and procedures regarding removable media in DA Pam 25 2 4. Chapter 2 Cross Domain Solution Overview 2 1. Background a. A security Domain is a system or network, operating at a particular sensitivity level, which implements a security policy and is administered by a single authority. b. A CDS is a form of controlled interface that provides the ability to manually or automatically access or Transfer information between different security domains.
10 (1) Access Cross Domain Solution . A type of CDS that gives users access to a computing platform, application, or data residing in different security domains from a single device, without any Transfer between the various domains. (2) Transfer Cross Domain Solution . A type of CDS that enforces security policy when moving data between infor-mation systems that operate in different security domains. (3) Multi-level Cross Domain Solution . A type of CDS that uses trusted labeling to store data at different classifications and allows users to access the data based upon their security Domain and credentials. (4) Cross Domain service. A Cross Domain (CD) service provides access, or Transfer of information solutions , between different security domains.
