Classification
MCE data classification is the unique adaptation of military-grade labelling and access control techniques to chat rooms and messages using sophisticated national classification systems such as CAPCO as GSCP. It treats secure chat rooms as dynamically classified documents, performing message and room labelling, classification banner-rollup, and security clearance authorisation. This secures classified data using government-mandated information management practices as first-class chat system constructs, whilst allowing the data to be shared frictionlessly in real time.
Community of Interest Support
The MCE security architecture is rooted in the novel "Communities of Interest" paradigm advocated by the Intelligence Community. It segregates all aspects of the system - such as chat rooms, users, and content - into secure compartments to enforce strong access-control boundaries, define explicit data handling procedures, and mitigate spillage risks. This protects highly-sensitive information using best-practice techniques from the IC by ensuring data is organized and shared only with those with a "need to know".
End-to-End Enterprise Encryption
MCE's end-to-end encryption is an innovative approach to zero-trust architecture using specialized information security paradigms adopted by the intelligence community. It leverages the "Communities of Interest" pattern to protect and exchange encryption keys whilst preserving both organizational governance and the scalability required for effective mass-participation, real time collaboration. This mitigates prevalent insider threat against the vast attack surface of a typical chat system without compromising the capability of the system to support the modern mission.
Secure Multi-Tenancy
MCE multitenancy is the ability to define deep ethical walling mechanisms, trust models, and data management controls to securely partition users and chat rooms on a single MCE instance. It enables MindLink to be hosted as a centralized hub service for users from allied organizations, agencies, or countries whilst maintaining granular levels of trust, segregation, and secrecy as necessary. This facilitates the rapid onboarding of multiple coalition partners across the mission arena whilst proactively controlling the risks associated with multi-party intelligence dissemination.
Attribute-based Access Control
The MCE security engine is a sophisticated and multi-layered access control system based on military-grade practices of secret attributes, roles, and security clearances. It allows chat room access rights to be configured at multiple levels of privilege and granularity through expressive and role-based permissioning rules, using secret attributes and security clearances sourced from trusted third-party directories. This encourages information flow across the mission theatre though autonomous and devolved management of chat rooms, whilst ensuring that the governance and confidentiality of such highly-sensitive data is maintained.
Persistent Chat with a Mission Focus
Persistent Chat is a messaging concept for group chat software that consist of standing, topic-based chatrooms with an emphasis on real-time messaging, that preserve conversation history over time which is visible to both current and future participants. It offers chatroom members a collaborative space to chronicle and discuss information surrounding a topic of interest to support group collaboration. This enables users in maintaining real-time collaboration with peers and partner organisations to facilitate swift and informed decision-making. The MCE platform is specifically designed to support critical use cases and ways of working across the modern mission theatre. It natively supports mission scenarios such as real-time coordination, watch-based teamwork, and incident management, and is engineered for use from remote or forward-deployed positions. This maximizes operational efficiency through purpose-built tooling by empowering users to focus on mission activities, events, and outcomes, in real-time.
Lightweight & Low Bandwidth
Our web-access client can be run from any device with a web browser. It is engineered to provide a powerful user experience in a lightweight application, accessible from anywhere without the need of heavy equipment. This offers mission partners a zero-footprint, always available, collaboration access point across the mission arena.
MindLink is architected and tested to operate in areas of poor connectivity or limited network coverage. It is proven to operate reliably in isolated, remote and bandwidth-constrained mission deployments. This enables consistent, real-time collaboration across all mission components including remote/forward deployed assets.