+1443 776-2705 panelessays@gmail.com

I need an executive summary of these two companies. I need to know which one is best based on the services they provide. Which company provides the best cloud solutions and why. It should only be 2-3 pages with a summary of which one is the best based on their platform. Please use the websites and attachments. 

https://ciscodevnet.github.io/msx-developer-guides/

https://titantechnologies.com/

MXS Cloud SDK

Multi-X Security

Software Development Kit

Multi-Level

Multi-Category

Multi-Nation

Maxus Cloud SDK, the Multi-X Security Software Development Kit Hello, and welcome to the Maxus cloud software development kit briefing. This briefing will cover the basics of the Maxus Cloud SDK. If you'd like to hear more information about what you've seen in this brief, please contact Major Kyle Stewart at kyle dot stewart dot 5 @ US dot AF dot mil. MXS, pronounced "maxus", stands for Multi-X security. The maxus project objectives are to provide secure multi-level, multi-category, and multi-nation environments. Categories are the maxus term for what some might call a compartment, caveat, or program.

1

Historical Context

2

The major problems of the USAF stem from the fact that there is a growing requirement to provide shared use of computer systems containing information of different classification levels and need-to-know requirements in a user population not uniformly cleared or access-approved. …

Users are permitted and encouraged to directly program the system for their applications. It is in this latter kind of use of computers that the weakness of the technical foundation of current systems is most acutely felt.

Computer Security Technology Planning Study (Volume II)

October 1972

https://csrc.nist.rip/publications/history/ande72.pdf

2

Challenges & Solutions

MXS Reference Architecture

MXS Security Model

Challenges

Current commercial cloud infrastructure does not provide a multi-level / multi-category environment out-of-the-box; it must be provided by workload owner

It is difficult for vendors and mission owners to create multi-level / multi-category aware software

Unclear approach to data labeling impedes interoperability and complicates development of software solutions that function across the enterprise

Solution

Execute project that develops a standard security model, data model, reference architecture, and Software Development Kit (SDK)

Conduct prototyping in an unclassified cloud environment to demonstrate feasibility of using the MXS SDK to develop multi-level / multi-category software solutions

When successful, utilize the MXS SDK to address IT requirements related to enterprise software development

3

3

Enterprise View

4

4

System View

5

5

What is MXS Cloud SDK?

Increasing Technical Opinion

Documentation

Security Model

Data Model

Reference Architecture

Reference Implementation

Cost Model

Human-centric terms and definitions with concepts modeled in a well-defined visual language

Machine readable data formats for access control information and metadata aligned to security model

Organization of COTS/GOTS components into solution which supports security and data models

Executable form of reference architecture that runs inside government owned cloud environment

Provide cost predictions for reference implementation including licenses, compute, store, and network

Acquisition and developer centric documentation that covers requirements, use cases, testing, etc.

6

6

Business Processes

Multiple organizations participate and contribute via DI2E DevTools based on Atlassian tools (Confluence, JIRA, BitBucket) + Jenkins Milestones are 4-week planning periods (i.e., sprints) All work is drafted, approved, and tracked via JIRA tickets Clear “definition of done” with deliverable required for ticket approval Documentation (including this briefing) is all tracked and built from version control

7

7

Generic Security Model

8

8

Claims 0.1

{ "urn:us:gov:ic:uias:digitalIdentifier": "CN=Lastname Firstname Middle personId, OU=PE, OU=DoD, OU=DoD, O=U.S. Government, C=US", "sub": "7fbdecb9-7b1c-4663-bf7e-3e70b57f681e", "urn:us:gov:ic:uias:aICP": false, "urn:us:gov:ic:uias:dutyOrganization": "ABMC", "urn:us:gov:ic:uias:dutyOrganizationUnit": "CIO:APPS:EASPO", "urn:us:gov:ic:uias:entityType": "CTR", "email_verified": false, "iss": "http://localhost:8080/auth/realms/hello-world", "preferred_username": "Firstname.Lastname", "urn:us:gov:ic:uias:clearance": ["TS", "S", "C", "U"], "aud": "siteapp", "urn:us:gov:ic:uias:countryOfAffiliation": ["USA"], "urn:us:gov:ic:uias:adminOrganization": "ABMC", "urn:us:gov:ic:uias:entitySecurityMark": "U", "urn:us:gov:ic:uias:auditRoutingOrganization": “Routing Org", "urn:us:gov:ic:uias:authorityCategory": "ICD503", "urn:us:gov:ic:uias:group": ["my-group", "my-group-two", "your-group"], "urn:us:gov:ic:uias:region": ["EMEA"], "urn:us:gov:ic:uias:role": ["DoD-MXS-Admin", "NATO-Liason"], "urn:us:gov:ic:uias:topic": ["HLTH"], "urn:us:gov:ic:uias:certificateAuthority": "DoDPKI", "urn:us:gov:ic:uias:originatingNetwork": “NET1", "email": "[email protected]", "urn:us:gov:dod:contractorOrg": "ACME Inc.", "urn:us:gov:dod:contractorOrgId": "91749", "urn:us:gov:dod:authorizationSet": { “XMS": { “M": { “CAT1": [“ABC:1234"] }, “H": { “CAT1": [“APPLES"], “CAT2": [“DEF:9876"], “CAT3": [“BANANAS"], } } } }

Claims are represented by Open ID Connect JSON Web Token (JWT)

Design is split into "heavy" JWT (backend authorization) and "light" JWT (held by client)

Leverages semantics from IC UIAS standard as well as from OSD SAP CIO

Format depicted here includes explicit, long namespaces to make it clear the origin of the semantic

All labels and markings are notional and for illustrative purposes only.

9

Clearance Owner:->“XMS": { Level:—>“M": { Category Type:——->“CAT1": Categories:—————>[“ABC:1234"]

9

Information Security Marking

Multi-Level Markings (MLM) occur when there is a mixture of classification levels and categories portion marked within a document

Standards like ISM potentially can misrepresent the aggregate precisely, resulting in over classification at the root level

MXS is working with OSD SAP CIO and Common Metadata Standards Tiger Team (CMSTT) on possible implementation strategies and policies

10

All labels and markings are notional and for illustrative purposes only.

10

Label 0.1

Derived from ISM semantics including JSON-LD distributed controlled value enumeration files

Added additional structure in key areas of concern to address challenges with mixed classification level, categories, coalition data, and developer ergonomics

Works together with MXS Claims JWT

Designed to accept, produce compliant ISM labeled data

Stepping-stone to next-generation labeled infrastructure based on OPA/REGO

Moving the label to application-level protocols (like HTTP) that leverage JSON makes the shared data model more easily exchanged and validated

Better aligned with modern development techniques and knowledge base in industry

{ "classification": { “XMS": “H" }, "categories": { “XMS": { “M": { “CAT1": [“ABC:1234"] }, “H": { “CAT1": [“APPLES"], “CAT2": [“DEF:9876"], “CAT3": [“BANANAS"], } } }, "disseminationControls": ["REL", "DISPLAYONLY"], "ownerProducer": [“XMS"], "geoPolitical": { "FGIsourceOpen": ["AUS", "CAN", "GBR"], "FGIsourceProtected": ["FGI"], "releasableTo": ["USA", "AUS", "CAN", "GBR"], "displayOnlyTo": ["ABW"], "joint": true },

"classDeclass": { "derivativelyClassifiedBy": "MXS Developer [email protected]", "derivedFrom": "Pursuant to SCG ABC version 1.2 dtd 01/01/2020", "declassDate": "2070-02-18", "declassEvent": null, "declassException": ["AEA"], "classifiedBy": null, "classificationReason": null }, "metadata": { "DESVersion": "201903.201909", "ISMCATCESVersion": "201909", "resourceElement": null, "compliesWith": "USGov", "createDate": "2021-02-19", "exemptFrom": "IC_710_MANDATORY_FDR", "noAggregation": "false", "externalNotice": null, "noticeType": "DoD-Dist-X", "noticeDate": "2021-02-18", "noticeReason": "Contains CUI DCRIT", "unregisteredNoticeType": null, "pocType": "ICD-710", "hasApproximateMarkings": null, "compilationReason": "Language", "excludeFromRollup": null } }

11

All labels and markings are notional and for illustrative purposes only.

11

Access Control

MXS implements an attribute-based access control (ABAC) model that in turn needs to support mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC) Data model focuses on modern production environments like the service meshes in a Kubernetes environment, deploying “sidecars” via COTS tools like Grey Matter Leverages open tools like Open Policy Agent, and the REGO policy language to express and enforce access control policies Combines the claims and labeling standardization in JSON to create a zero-trust architecture with rigid enforcement throughout the mesh

package mxs default allow = false allow { # has_necessary_attributes sufficient_clearance all_categories } # Ensure that the user has sufficient clearance to view the marking on # the document. sufficient_clearance { # UIAS data has an array of clearances, not the highest clearance doc_classification_num := input.label._classification._classId clearance_number[user_clearances[_]] >= doc_classification_num } …

https://docs.greymatter.io/use-cases/zero-trust

https://www.openpolicyagent.org/docs/latest/

12

12

Towards 1.0 – MXS ABAC Data Model

Top-down design after gathering taxonomy of existing data semantics from IC and SAP communities

Core specification that deals with the attributes required for access control to support MAC, DAC, and RBAC

Priorities / Trade-offs

Keep data going over the WAN small

Keep data structures as normalized and regular as possible

Follow principle of least surprise

Interoperability with legacy formats

Leverages JSON based JavaScript Object Signing and Encryption (JOSE), JSON Web Tokens (JWT), and SPIFFE for security and certificate management

Future expansion to binary formats like Concise Binary Object Representation (CBOR), or other formats like XML

13

13

Three Tier Architecture

https://en.wikipedia.org/wiki/Multitier_architecture

14

14

Reference Architecture

Government owned architecture with focus on use of commercial products and standards

Example open / commercial products:

Example open / commercial standards:

Initial focus is on single-level, multi-category; aligns with cloud architecture

Hooks to facilitate cloud hosted or on-premise cross domain solution

Compatible with MLS data stores and services

Managed, labeled data management and application hosting environment designed to integrate well with K8s DevSecOps pipelines like Platform One

JSON

Schema

System for Cross-domain

Identity Management

15

15

Reference Implementation

Automation Stack

(*) Will support full DevSecOps lifecycle of hosted applications (via GitOps) and service mesh

Used to automate deployment of packages on K8s

Used for orchestration of executable capability

Used to configure the baseline and deploy K8s

Used to create, manage, and destroy baseline infrastructure

Prototype / Experimentation

Hosted in Cloud One Development (C1D) on top of Amazon Web Services (AWS) Used for COTS evaluation, prototype, experimentation, and scalability testing Leverages full C1D guard-railed environment to support potential future expansion to C1 production

Development

U-FEN is primary development environment Minimizes delta to other *-FEN targets Allows connectivity to unclassified identity store to enable ICAM solution Already aligned with Platform One as DevSecOps environment

16

16

Next Steps

Integration with Platform One Integration with Grey Matter Automated Security Analysis

MITRE Caldera for automated pen testing framework

MITRE SAF (Heimdall) for automated compliance monitoring

Deployment to U-FEN Government Functional Testing Groundwork for Operational Pilots

MITRE Security Automation Framework (https://saf.mitre.org

MITRE Caldera (https://github.com/mitre/caldera)

MITRE Heimdall (https://github.com/mitre/Heimdall)

17

17

MXS Roadmap

MXS Cloud SDK FY21 Deliverables

Security Model / Data Model

Reference Architecture

Unclassified Prototype Cloud Implementation

Legacy Integration Guidance

Cost Model

Fences Integration

FY20

FY21

FY22

FY23+

Prototype • GTRI as Prime ⁃ 2371B OTA via AFRL ⁃ 9-month POP • Cloud One Dev / U-Fences + Platform One • Early involvement from AO and test communities • Demo Days June / Oct 2021

Transition & Mature • MXS Data Labeling Standard 1.0 (NIEM / CMSTT) • Upstream to Platform One (Iron Bank / Big Bang) • Enterprise ICAM Pilot • Operational Pilots

Enterprise Software Factory • Sustained Capability Development ⁃ Leverage DevSecOps ⁃ Built on Platform One ⁃ MXS SDK (Cloud / Edge) • Production Cloud Environments ⁃ Cloud One (IL5, IL6) ⁃ *-FEN ⁃ C2S

Impact • Empowers customers with DevSecOps as-a-Service • Lowers bar for third party developers to create multi-level, multi-category, multi-nation aware applications in the cloud or on premise • Government owned architectures supported with COTS products

18

18

MXS SDK Future Architecture

Baked-in resiliency to denied, disrupted, intermittent, and limited environments Takes advantage of strengths of both cloud and on-premise data centers Builds upon the use of commercial and government standards

19

19

,

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Compendia DATA PLATFORM Discussion with AFRL/STO

10 Nov 2021

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential2

Agenda 1 Introductions

2 Compendia product Overview & Background

3 Demonstration

4 Questions & Answers

5 Next Steps

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Who is Titan Technologies?

2000 Averstar, Pacer

Infotec Joins Titan Corporation

2001 BTG Joins Titan

2006 Titan Joins

L-3 Communications

2014 Data Tactics joins L-3 NSS

2016 L-3 NSS Joins

CACI

2017 CACI Divests

Titan Technologies

A legacy OF SUCCESS

3

Our leadership team has been implementing complex technology solutions for Defense and secure Federal customers for more than 30 years.

TOP SECRET FACILITY CLEARANCE

200009001:2015

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Technology Partners

Expert System USA’s Natural Language Processor software (Expert

NLP) is a sophisticated Commercial-off-the-Shelf (COTS) Natural

Language Processing/Understanding (NLP/NLU) software suite

which enables an organization to process textual content and

autogenerate sophisticated metadata to organize, discover, and

explore information and power analytic tools.

With Expert NLP, the data management paradigm shifts from

time-intensive manual tagging and one-dimensional search to

comprehensive auto-generated metadata and rapid and precise

discovery of information. Expert NLP is operational in the

Defense, Intelligence and Law Enforcement communities.

4

NNData’s Mission is to deliver a data management platform

that supports “Machine Learning for the Masses”. Their

NNCompass product is a complete AI-enabled data

management platform that lets you get a handle on the

most difficult ETL, streaming, data flow, preparation &

transformation tasks faced in the enterprise today.

NNCompass is operational in the Defense, Intelligence and

Enterprise SW communities.

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Titan Team

5

• David Ramirez – Chief Operating Officer

• Michael Edwins – Chief Growth Officer

• Belay Tekalign – VP, Mid-Atlantic Region, LANL/NSRC Program Manager

• Rob Buntz – Director, Digital Business Transformation

• Brian Welde – Compendia Product Manager

• Kevin Collins – Compendia Architect

• Kenny Kawahara – Compendia Engineer

• Gerald Gay – Chief Technology Officer

• Kevin Cousin, PhD – Chief Data Scientist

• Randy Garrett, PhD – Chief Data Officer

• Steve Aberle – Compendia Engineer

• Giuseppe Strafforello – Chief Technology Officer

• Emily Pace – Principal Linguist

• Erica Giorda – Product Manager

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

AFRL Team

6

• Dr. David Van Veldhuizen

• Kenneth Norman

• Stacie Tawney

• Urie Reed

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential7

2. Compendia product Overview

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Origin Story – NSRC Collaboration

8

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

What’s in a name?

9

A compendia is plural for compendium.

A compendium is a collection of concise but detailed information about a particular subject, especially in a book or other publication.

or

A collection of things, especially one systematically gathered.

COMPENDIA Oxford Languages

Titan’s Compendia is a flexible and modular orchestrator for assembling knowledge.

GET DO

Information Process Knowledge

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential10

• Data professionals use Compendia’s AI & ML-enabled ETL environment to ingest and transform unstructured, semi- structured, and structured content into useful information.

• Data curators use Compendia to rapidly generate high quality metadata and prepare information for use in applications like search, visual analytics, business intelligence, and records management.

• Compendia’s NLU-enabled precision search and recall capability yields more useful answers to complex research questions helping analysts and specialists to get to insight faster.

DOE National Lab ROI: 2,000 researchers = $34M wasted annually

A data enrichment & search solution that enables organizations to more effectively organize, discover, and derive insights from their information resources

Compendia for research

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Key technology – Optical character recognition

11

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Key technology – natural language Processing / Understanding

12

Deep Linguistic Analysis

Supports sophisticated natural language understanding by parsing each document sentence into tokens, lemmas and parts-of-speech

Knowledge Graph Empowered

Resolves ambiguous terms to their precise meaning, and determines overall document sentiment

Entity Extraction & Linking

Recognizes People, Companies, Locations and other Entities

“Fire” as the event of something burning vs. “Fire” as a dismissal vs. “Fire” as discharging ammunition vs. “Fire” as stir up or inflame

Relationships

Disambiguation

©2021, Titan Technologies, LLC. Proprietary & Confidential

Text Metadata-Enriched Text

Knowledge Graph

NLP/NLU Engine

Language Understanding

Linguistic Projects

Text Categorization Entity Extraction

Applications & Products • Search • Content Management • Text Analytics • Natural Language API • Compendia

Studio

Development Environment

Natural Language Processing / Natural Language Understanding (NLP / NLU)

© 2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential 5

Natural Language Processing for Document Understanding

Deep Linguistic Analysis

Text Subdivision

Part of Speech Tagging

Morphological Analysis

Lemmatization

Syntactic Analysis

Semantic Analysis

Document Understanding

Topic Classification

Entity Extraction

Relationships

Sentiment

Standard Extractions

Custom Extractions

© 2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential

Knowledge Graph

• Natural Language Processing pipeline semantic network • English Knowledge Graph contains ≈450k concepts and millions of links • Can incorporate unique customer knowledge and focus areas

6© 2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential

Comprehensive Off-the-Shelf Linguistic Projects

*Additional specialized taxonomies and custom entity extractions are available (including military and intelligence entities).

• General Topics • Finance • National Security & Intelligence • Crime • Emotions & Behaviors • Geography

Standard Taxonomies*

• People • Organizations • Companies • Geographic Places • Postal & Email Addresses • Phone Numbers • Social Media Mentions • Hashtags • Vehicles

Standard Entities*

7© 2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential

Studio Development Environment

8

• Linguistic project builder for entity extraction and text classification

• Integrated with natural language understanding engine

• Inline knowledge graph browser with search capabilities

• Powerful editor with syntax highlighting and autocomplete with IntelliSense

• Text annotation tool for setting target entities and categories

• Quality dashboard for measuring precision and recall with respect to the targets defined in Studio

© 2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential

Compendia’s NLP/NLU Powers Precise Content-Level Search

©2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential

Document Content Tags

Compendia’s NLP/NLU Powers Precise Content-Level Search

Taxonomy Categories

©2021, Titan Technologies Proprietary & Confidential

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Compendia at a glance: AI-ENABLED DATA ENRICHMENT & Search

20

TAKE THIS TO ENABLE THISTURN IT INTO THIS HIGHLY UNSTRUCTURED DATA

RESEARCH ARCHIVE HIGHLY STRUCTURED DATA ENRICHED THROUGH

ML WORKFLOWS & NLP/NLU HIGHLY EFFICIENT, USABLE, SCALABLE DATA ARCHIVE;

DISCOVERABLE ENTITIES & RELATIONSHIPS

21 3

©2021, Titan Technologies, LLC. Proprietary & Confidential

Current Architecture UI / END USER CLIENTS WEB PERSISTENCE

Expert Studio

AWR UI

NNCompendia UI

NNCompass UI

Compendia Dashboard UI

NiFi UI

Authentication AWR

Logging

Processor

Synch PostgreSQL

elastic

NAS

Authentication

Logging

www

Load Balancer

www

Load Balancer

JETTY//:

TOMCAT

NiFi

Logging

Data Provenance

Flow Files

Metadata normalization

Classification extractor

Custom data source API

De-duplication

Permission Persistence

Processors

Processors

Expert.nlp

elastic

3rd party CSV, xls, json, xml, Etc.…

Structured data, Metadata files

Formatted Results

Search Results

https – json doc text, awr session data,

normalized permissions

Metadata for Search

Store Doc text (Unencrypted)

Search Results

Text/ results

Get Doc text

Processing queue

Data sources and files

Documentum, Windchill, SharePoint, shared drives, PDFs, Word documents, PowerPoint, Etc.

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential

Deployment options

22

Cloud native Multi-cloudhybrid On-premise

1 2 3 4

©2021, Titan Technologies, LLC. Proprietary & Confidential

Features Pro Core Basic Ingestion, Extraction, Preparation X X X AI-enabled Metadata Extraction X X X Precision Search & Recall X X X Analytics Orchestration X X X Export X X X NLU/NLP Enrichment X X Knowledge Graph X X Linguistic Project Development X Support Pro Core Basic Titan Omni-channel Support X X X

23

COMPENDIA for research – LICENSING MODELS

Use or disclosure of data contained on this sheet is subject to the restriction on the title page of this proposal.

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential24

Demo

©2021, Titan Technologies, LLC. Proprietary & Confidential©2021, Titan Technologies, LLC. Proprietary & Confidential25

Q & A

©2021, Titan Technologies