1: User Interface
Services
|
|
|
|
|
Graphical User Interafce |
These services are not necessary for system to system
interoperability but do provide benefits to NCF Systems e.g.
people portability.training |
Standards exist to proliferate User Interface services
(e.g. Character-Orientated, Graphical User Interafaces, as well
as dedicated) within multiple functional domain areas. |
Support is required based on the version of Windows/X
Windows utilized. |
|
Look & Feel |
As above |
As above |
As above |
The type of COTS available may be limited in scope or not
all-inclusive (e.g. style guides). As a result Military should
refer and conform to their respective Defence documents
accordingly. Associated costs will differ based on resource
applicability. |
Toolkit |
As above |
Toolkits exist to support standards |
As above |
|
2: Data
Management
|
|
|
|
|
Dictionary/ Directory
(Data
Dictionary)
|
Specific to individual nations, i.e. no Coaltion
Interoperability requirement. However, NATO needs to identify,
develop definitions, and store common data elements for NCF
systems, in the NC3 IRDS. |
|
|
|
Database management systems (Relational and
Object-Orientated) |
Specific to individual nations i.e. no Coalition
Interoperability requirement. Required for NCF systems. |
|
|
|
Distributed Data |
|
|
|
|
Remote Data Access |
There is a Coalition Interoperability requirement for
remote data access (e.g. between server/server
environments). |
SQL CLI only open standard. ODBC is the Microsoft
variant. SQL*NET (ORACLE) regarded as dominant product.
Web-based access protocols are widely used across the
Internet; these offer limited database functionality.
SOAP and XML related protocols could serve this
purpose.
|
No significant impact. |
No significant impact. |
Database Replication |
There is a requirement to support database
replication by "push" only. There are some aspirations to use
database replication as a mechanism to satisfy Coalition
interoperability requirements although the extent of the
requirement is not finalised.
Replication may be
employed within individual systems to meet survivability and
performance requirements - this does not justify inclusion of
this service within the NCSP at this time, but will need to be
effectively addressed in the near future (e.g. ATCCIS, CCEB
CWAN.)
|
There are only a few acceptably open standards for
replication protocols: this is the prime hindrance to
standardization.
See note A.3
|
Many legacy systems employ flat-file databases which do
not support efficient replication protocols. |
Adoption of a single database product NATO-wide will not
be acceptable on procurement grounds. |
NATO Common Schema See Note
A.2
|
Interoperability requires common syntactic and
semantic understanding of data. This necessitates
standardization of data definitions and schema. However, from a
NCSP perspective:
Both categories are under development by
the NATO Data Administration Group (NDAG).
|
Metadata standards are open but there are no open
standards for military data (except geospatial and Hydrographic;
see standard data products below). It is important to note that
the CALS standard [MIL-STD-28003B] for metadata
references/profiles ISO 8632 CGM. The title is 'Digital
Representation for Communication of Illustrative Data.'; There
is also an ISO 8632 profile that has been developed in the US by
NIMA. |
Much existing software uses well-established military
data models such as ACP133. |
Widespread data standardization requires huge investment.
Bilateral arrangements are likely to be cheaper for the
bilateral arrangements, but much more expensive in multilateral
arrangement situations. |
3: Data
Interchange
|
|
|
|
|
Graphics |
|
|
|
|
Images (Vector and Raster) |
There is a Coalition Interoperability requirement for
standardization for formatting digital imagery files and imagery
related products. |
Many open standards exist. Some standards are
military-specific, but are open in the sense that they are
widely supported. (E.g., CALS has developed a metadata standard
MIL-PRF-28003A which profiles the ISO computer Graphics Metafile
(CGM) standard ISO 8632. Also, a CALS Raster Standard
MIL-PRF-28002C puts raster graphics into a binary
format. |
The continuing support for the majority of these formats
is required for legacy systems. |
No significant impact. |
Fax |
There is a Coalition Interoperability requirement to
exchange fax data. |
Open standards exist. |
No significant impact. |
No significant impact. |
Video/ Audio
(Moving Images and Audio/
Video)
|
|
|
|
|
Packet Switched (Voice-over-IP) |
There is a Coalition Interoperability
requirement. |
Open standards exist in most areas. |
No significant impact. |
No significant impact. |
Circuit Switched |
There is a Coalition Interoperability
requirement. |
Open standards exist in most areas. |
No significant impact. |
No significant impact. |
Tactical Digital Information Links
(Communication Standards for TADILs are dealt with under
the Communication Service Area)
|
There is a Coalition Interoperability requirement for
real-time data interchange. Primarily a C2I requirement |
No open standards exist, so TADILs are military
specific |
Different Data Link is in use. Guidance is provided in
"Data Link Migration Strategy" SACLANT 3000 C/03/Ser: NU0606,
Sept 1998 |
COTs providers are limited |
Military Message Text Formats |
All formats identified thus far are specific to C2I
systems.
(This category does not cover formats
related to message handling policy (e.g. P772) which is covered
separately below.) C2I-specific messages can be included as the
"body part" of STANAG 4406 messages.
|
These formats are military-specific but most are
effective in the sense that they are widely supported. |
The continuing support for the majority of these formats
is required for legacy systems. |
No significant impact. |
Civil Message Text |
There is a Coalition Interoperability requirement for
these interchange formats. Certain message formats (e.g. CALS)
are specific to a particular business function so the strength
of the NATO-wide requirement for these is questionable. |
Effective standards (either military-specific de jure
standards or open commercial specifications) exist in most
areas. |
Some widely used message formats vital for continued
interoperability with legacy systems. |
No significant impact. |
Geographical
(GIS)
|
There is a Coalition Interoperability requirement
for interchange of geospatially-referenced data (e.g. overlays).
Primarily a C2I requirement.
Formats for standard
geospatial and Hydrographic data products need to be
standardized across all recipient nations.
There
is a requirement to share geospatial data, but no requirement to
standardize on an application.
|
De jure format standards exist for distribution
purposes.
Attempts are being made by GIS vendors to
develop some standards for APIs and data interchange.
Agreement by the Open GIS Consortium (OGIS) on an API
standard has now been achieved.
|
There are many GIS in use in existing systems and
significant quantities of GIS data in proprietary formats.
Legacy applications software assumes proprietary formats which
will require conversion either to other proprietary formats or
to less common de jure format standards. Some NCSP-conformant
systems will need to support additional (proprietary) formats to
provide interoperability with specific legacy systems; the
legacy systems themselves will dictate where and what additional
formats will be needed.
There are lots of legacy
applications and geospatial databases around.
|
Adoption of a de jure interchange format for
geographically indexed data could preclude use of many COTS GIS
products, unless partnership with GIS vendors helps to ensure
development and maintenance of data interchange
converters. |
Document |
|
|
|
|
Mark-up Languages |
Coalition Interoperability requirements exist for
transfer of information in device-specific formats (e.g.
camera-ready documents and artwork or where an application
unique to one NATO nation needs to pass a printable output to
another NATO nation's system). |
Open standards exist. |
Many systems will be unable to interpret the mark-up tags
. |
No significant impact. |
Page description or display languages |
Coalition Interoperability requirements exist for
transfer of information in device-specific formats (e.g.
camera-ready documents and artwork or where an application
unique to one NATO nation needs to pass a printable output to
another NATO nation's system). |
Open standards exist. |
Many systems will be unable to read, display or print
current page description formats. |
No significant impact. |
Office Automation interchange formats
(Cover under remarks column in NCSP)
|
There is a NATO-wide requirement to exchange OA
documents. |
MS Office formats open by virtue of market
dominance.
Within NATO pdf is the exchange format
for invariable documents.
De jure document formats
(e.g. ODA) are not sufficiently well supported to qualify as
acceptably open.
See note A.4
|
Many legacy OA packages in use but functionally limited
converters available for many formats. |
No significant impact. |
Hypertext interchange formats |
There is a NATO-wide requirement to exchange
hypertext documents (for Intranet purposes or as an alternative
interchange format for OA).
See note
A.5
|
Open formats exist (HTML plus widely supported
proprietary extensions). |
No significant impact. |
Depends on organizational requirements. For instance, a
single data stream can be used by a variety of applications to
support multiple devices that include: cellular telephones,
computers, web television, etc. This can be accomplished by
processing XHTML tags within the XML data stream. As a result,
this could reduce existing costs significantly |
File compression and archiving |
There is a Coalition Interoperability requirement to
exchange compressed data. |
Many open compression standards exist. |
Support may not be available on certain legacy systems
for compression formats. |
No significant impact. |
Military Symbology |
Coalition Interoperability requirements exist to pass
symbolic information. This relates to the symbol types (e.g.
heavy battle tank, frigate) and the actual graphical symbols
used to represent them. |
No open standards exist, though there are military
standards which are widely supported by NATO nations (e.g.,
MIL-STD-1477B for engagement operations symbology). For force
operations, MIL-STD-2525B is also referenced. |
Many systems will not support adopted standards. |
No significant impact. |
Encoding |
|
|
|
|
Character sets and alphabets |
There is a NATO-wide requirement to support a common
character set. |
International alphabet #5 (with National variants) is the
only genuinely open standard at present. Future product support
for internationalized character sets (e.g. UNICODE) will become
more widespread. IA#5 assumed by other formats (e.g. for
OA). |
No significant impact. |
No significant impact. |
Data Encoding |
There is a Coalition Interoperability requirement to
exchange encoded data. |
Many open encoding standards exist. |
No significant impact. |
No significant impact. |
Optical Encoding |
There is a Coalition Interoperability requirement
particularly within the logistics community to read barcode data
in support of TAV (Total Asset Visibility). |
Many open encoding standards exist. |
No significant impact. |
No significant impact. |
Voice Encoding |
|
|
|
|
Multimedia and distributed real time service data
interchange |
There is evidence that requirements exist for distributed
real-time services and data interchange standards. |
Numerous national multimedia standards are accessible in
version 4 through the [US] Federal Telecommunications
Recommendation (FTR)-1080A-1998, Appendix A.: |
Support may or may not be available to various legacy
systems. |
No significant impact. |
4: Graphics
|
|
|
|
|
Graphics Development |
There is ar equirement for NCF systems |
National (US NIMA and CALS) standards are available as a
reference point. |
|
|
Graphics Programming/ Modelling |
There may be a requirement for NCF systems in the near
future |
|
|
|
5:
Communications
|
|
|
|
|
Application Layer |
|
|
|
|
Messaging |
These services are necessary for Coalition
Interoperability |
Open solutions exist for server to server message
transfer protocols (i.e. X.400 P1 protocol and equivalent). The
openness of mail client to server protocols (i.e. X.400 P7,
POP3, proprietary mail protocols) is not clear.
See
note A.6
|
Support is required within the messaging infrastructure
for ACP127 (Radio and Teletype RATT Broadcasts) and other legacy
messaging protocols. |
Most COTS solutions do not satisfy all military
requirements. However, systems which are designed specifically
for military applications can result in higher developmental and
life cycle costs due to the need to obtain additional
maintenance support. |
Directory Services
(Schema, Access, Chaining, Replication, Operational
Management)
|
These services are necessary for Coalition
Interoperability As a result, requirements exist for an allied
directory system that can support the transfer of directory
information. This requires that the following are standardized
(as per ACP 133):
The directory will also be responsible
for provision of security certificates which are demanded by the
NATO messaging profile.
See
conclusion
|
Standards for directory systems exist (e.g. X.500,)
and have growing product support.
See note
A.7
|
Generally directory systems have been applied to network
level services or in a localised context for local messaging
systems. Support is required between an ACP 133/X.500 and either
an ACP 100/ACP 117 environment or a proprietary/Internet
environment. These will require integration and consolidation
with ACP 133/X.500 based systems in order to scale and provide
the allied service levels demanded with the full range of
security requirements. |
The risk to allied capability is that the directory
support services are not provided in a secure and scaleable way.
Since ACP 133 defines a target, nations may in the interim
implement similar, yet non-interoperable subsets of the
specification. |
Domain Name Service |
There is a Coalition Interoperability requirement for the
exchange of naming and addressing data |
Open specifications exist: DNS and X.500
Both will be required: see note A.11
|
No significant impact. |
No significant impact. |
Naming and Addressing |
There is a NATO Interoperability requirement for the
standardization of names and addresses as documented in NACOSA
Operating Instructions. This will have an impact on Coalition
Interoperability having to use similar naming and addressing
rules |
Names and addresses should follow DNS and X.500 rules. In
addition procedural rules are required. |
No significant impact. |
No significant impact. |
File transfer |
There is an evident Coalition Interoperability
requirement for file transfer. |
IPS applications are open. |
No significant impact. |
No significant impact. |
Remote terminal |
There is a Coalition Interoperability requirement for
remote terminal access between nations; it is limited to legacy
systems. |
IPS applications are open. |
Remote terminal possibly the only means of
interoperability with certain legacy systems. |
No significant impact. |
Hypertext transfer |
There is a NATO-wide requirement to transfer hypertext
documents (for Intranet purposes). |
Open protocols exist (HTTP). |
No significant impact. |
No significant impact. |
Bulletin Board |
There is a possible future Coalition Interoperability
requirement for News group and bulletin services. |
Open protocols exist (e.g. NNTP) |
No significant impact. |
No significant impact. |
Time services |
No evidence of a Coalition Interoperability
requirement. |
Open protocols exist (e.g. NTP) |
No significant impact. |
No significant impact. |
Audio/Video Teleconferencing |
There is evidence of a Coalition Interoperability
requirement for transfer of sound between CIS |
Open protocols exist in most areas. |
No significant impact. |
No significant impact. |
|
There is a Coalition Interoperability requirement to
perform video conferencing. |
Open standards exist. |
No significant impact. |
No significant impact. |
Whiteboarding |
There is a possible future requirement for Whiteboarding
services. |
Open standards exist. |
Most legacy systems will not support
Whiteboarding. |
Adopting a product that subsequently fails to win market
share could incur significant cost penalties. |
Application Sharing |
There is a NCF requirement for application
sharing. |
Open standards exist (Data protocols for multi-media
conferencing (ITU T.120)) |
|
|
Miscellaneous |
|
|
|
|
|
Interoperability requirements arise from:
-
those communications applications (e.g. OSI X.400
applications) that make use of specific upper layer
profiles;
-
those distributed computing services that make use
of, or independently provide, upper layer
functionality.
|
Standards and profiles are readily available (e.g. ACP
133 and DHCP) |
No significant impact. |
No significant impact. |
Presentation Layer |
OSI Presentation layer services are included within
specific applications |
Profiles exist in the upper layer (e.g. ACP 133) |
No significant impact. |
No significant impact. |
Session Layer |
OSI Session layer services are included within specific
applications |
Profiles exist in the upper layer (e.g. ACP 133) |
No significant impact. |
No significant impact. |
Transport Layer |
There is a requirement to standardize transport protocols
between nations CIS |
Open standards exist |
No significant impact. |
No significant impact. |
Network Layer |
|
|
|
|
Internetworking |
There is a requirement to standardize methods for LAN/WAN
& LAN/LAN interworking for the purposes of inter-system
interconnection. |
Open standards exist |
No significant impact. |
No significant impact. |
Router Services
(Covered
in NCSP remarks column for Internetworking)
|
Coalition Interoperability requirements exist. |
Open standards exist |
No significant impact. |
No significant impact. |
Circuit Switched Wide Area
Networking |
There is a requirement to link into national telephone
networks of NATO nations during joint operations. There is also
a requirement for NATO nations to communicate over secure
telephone circuits. |
Standards are available |
No significant impact. |
No significant impact. |
Point-to-point services
(Covered in NCSP remarks column for circuit
switched)
|
These services are necessary for Coalition
Interoperability |
Open standards exist. Point to Point standards such as
IETF RFC, PPP Multilink Protocol allows for aggregation of
bandwidth via multiple simultaneous dial-up connections. |
No significant impact anticipated. |
Based on distributed system configuration
restraints. |
Packet Switched Wide Area
Networking |
There is a requirement for standardization of the
services provided by the wide-area communications
infrastructure. |
Open standards exist |
See system evolution. |
No significant impact. |
Tactical data link Services |
Tactical data links are widely used by the NATO nations.
There is a requirement for these to be integrated into future
CIS. |
De facto military standards exist. |
|
Disparate data link message formats and related
communications often cause a delay in critical battlefield
information. Associated cost and risk factors need to be taken
into account as a result. |
Data Link/ Physical Layer |
|
|
|
|
SATCOM |
|
De facto military standards exist. |
|
|
Radio |
No Coalition Interoperability requirement (other than at
point of attachment to wide-area communications infrastructure -
see above). |
De facto military standards exist. |
No significant impact. |
No significant impact. |
Cable |
No Coalition Interoperability requirement (other than at
point of attachment to wide-area communications infrastructure -
see above). |
Open standards exist |
No significant impact. |
No significant impact. |
6: Operating
Systems
|
|
|
|
Based upon specific OS releases and versions (e.g., NT
vs. W2K or UNIX 95 vs. UNIX 98) most costs and associated risks
may prove exponential to the project goals and objectives
undertaken. |
Kernel Operations |
There services are necessary for Coalition
Interoperability |
|
|
|
Non Real Time |
There is a NATO requirement to standardize on platforms
as much as possible for reasons for costs and training |
Two operating systems support application software (i.e.,
POSIX & Windows) for C2 systems in version 4 throughout most
coalition environments. Within NATO Windows is the predominant
platform . |
System administrative support is required for management
purposes based on the operating platform, its resources and
users based community. |
|
Real Time |
There is a requirement to have real time platforms
interoperate with non-real time platforms. |
When requiring real or near-real-time capabilities, open
standards must be considered for this purpose (i.e., IEEE
1003.13:1998). |
|
|
7:
Internationalisation
|
See Data Interchange Class Encoding |
|
|
|
8: System and Network
Management
|
|
|
|
|
Enterprise Management |
No evidence of a Coalition Interoperability
requirement
See note A.9
See
Conclusion
|
Sufficiently open standards exist (e.g. SNMP) for cross
system management. |
No significant impact. |
No significant impact. |
System and Network Management |
|
|
|
|
LAN Management |
No evidence of a Coalition Interoperability
requirement for management of local area networks.
Network management standardization will be required within
the wide-area communications infrastructure. But this is not
relevant to the management of networks under the control of
end-systems.
See note A.10.
See
Conclusion
See systems management conclusion
above.
|
Open standards exist for LAN management only. However,
these often do not meet security requirements associated with
the management of Defence systems. |
No significant impact. |
No significant impact. |
WAN Management |
A Coalition Interoperability requirement exists for
CWAN.
For the immediate future, special procedures
will be required to manage the CWAN.
See note
A.15
See Conclusion
|
|
|
|
9a: General
Security
|
|
|
|
|
Authentication |
There is an aspiration in future to be able to
provide a NATO-wide logon to national systems and the CWAN with
automatic propagation of identity and access rights
Less ambitious Inter-Nation requirements include
-
the ability to coordinate the management of user
identities, access rights, passwords etc. across
systems;
-
the ability to pass clearances or other privilege
attributes (e.g. group memberships) between systems when
making access requests.
|
Open standards exist in this area (e.g. X.509), but
agreement on the syntax and the semantics of clearance
attributes is required. |
Few legacy systems offer any sophisticated security
functionality which would make them amenable to interconnection
in this way. |
Single log-on across heterogeneous systems is an immature
area which would represent a risky standardization undertaking.
A lack of commonality in approaches will be an increasingly
significant impediment to interoperability. National constraints
over system security policies will represent a cost and risk to
many projects. |
Access Control |
See authentication above |
As with authentication, the overwhelming
requirement to standardize for interoperability can be argued to
outweigh the openness disadvantages.
NATO-specific
standards will be required in areas such as security class
labeling.
|
Few legacy systems offer security functionality amenable
to interconnection in this way. |
Inter-Nation access control mechanisms and policies need
to be established that do not force all end-systems to adopt a
uniform security policy or achieve the same assurance
targets. |
Key Management and Distribution |
Coalition Interoperability requirements arise
from:
-
the need to distribute keys from a central issuing
authority to individual end-systems. This; will be
determined by wider Government policy.
-
the need for separate end-systems to exchange keys
(e.g. for digital signature purposes). This is a potential
NCSP requirement.
|
There are open standards in this area. Assymetric
keys can be distributed via PKI and Symmetric keys can be
distributed via EKMS. Nation-specific variants of open standards
are under development.
See note A.8
|
No significant impact. |
Automated transfer of keys and other security attributes
between systems is an immature technology and represents a
significant risk. |
Confidentiality |
Coalition Interoperability requirements exist for
confidentiality and integrity options within more direct
communications mechanisms, such as RPCs and transport layer
protocols. |
Open standards do exist for options in transport
protocols via Internet technologies (e.g. SSL, TLSP) may soon
provide a solution. Operation of RPC mechanisms in version 4
through firewalls is still immature. |
Link layer encryption has been the traditional means of
providing confidentiality services, and few legacy systems offer
this service at other layers. However, even if a common IP high
grade crypto is achieved, it will not meet all the requirements
for the foreseeable future in respect of availability, transec
and traffic flow security, hence there will continue to be a
need for high grade link cryptos to meet these
requirements. |
Inter-nation data confidentiality mechanisms and policies
need to be established that do not force all end systems to
adopt a uniform security policy or achieve the same assurance
levels. This will of course have an impact on the degree of
interoperability |
Integrity |
See data confidentiality above. |
See above. |
See above. |
No significant impact. |
Accounting and Audit |
These services are necessary for Coalition
Interoperability |
Open standards exist. Procedure-based mechanisms may need
to be adopted. |
No significant impact. |
No significant impact. |
Non-repudiation |
Coalition Interoperability requirements exist for
non-repudiation of information exchange other than
messaging. |
No specific open standard exists, but may be achieved by
combing open standards, such as hashing and digital
signature. |
Few legacy systems offer this service other than by
procedural controls. |
Adoption of a non-COTS solution will increase cost and
risk. |
Security Domain Mediation |
Security domain mediation mechanisms are needed for
interoperability but the requirement for them generally arises
on a bilateral basis. A future NATO security policy may give
rise to a need to standardize mediation services. |
No open standards for such services presently exist.
Firewall products have a general utility in securing
interconnections between end-systems. However, these are not
sufficiently well standardized to qualify as being open. |
Special enabling mechanisms will continue to be needed to
mediate between the security policies of legacy systems. |
Building high-assurance guard devices add to cost and
risks of interconnection. |
9b: Message
Security
|
|
|
|
|
Message origin authentication |
There is a clear Coalition Interoperability requirement
that the origin of all formal messages can be
authenticated. |
Standards exist in this area (X.509) and five nations
within the NATO have agreed common algorithms for digital
signatures (e.g. DSS). |
Users on legacy systems that do not support the use of
certificates and digital signatures will be unable to
authenticate message origin unless a boundary device is utilized
to verify the digital signature of the originator, and
mechanisms are employed within the legacy system to guarantee
integrity of the message between the boundary device and the
recipient. Similarly outgoing messages can have the digital
signature of the boundary device appended to provide a level of
authentication in the other direction. |
Sufficiently strong algorithms are in the public domain,
and commercial products are available to implement them. Five
nations within the NATO have agreed on common algorithms for
digital signatures. The main cost/risk issue is in the
supporting infrastructure for the generation and distribution of
certificates and tokens and the cost/risk impact of this aspect
may be significant. |
Message Access Control |
There is a clear Coalition Interoperability requirement
for exchange of clearance information and security labels in
support of formal messaging. |
Standards exist in this area (e.g. X.411). |
Other than communications and intelligence systems, few
legacy systems support the use of security labels or the
processing of clearance information. |
Commercial products today do not implement X.411 with the
clearance extensions hence are not regarded as providing
sufficiently strong security to meet the military requirement;
but they appear to be moving in this direction so the cost/risk
impact may be acceptable. |
Message content privacy/ confidentiality |
Three of the five NATO/CCEB nations have stated a
requirement for per-message confidentiality within message
transfers. |
Open standards exist for options within messaging
protocols; SMIME, PCT and ACP 120 support the military
requirement. |
Few legacy systems offer security functionality within
messaging protocols. |
All nations are implementing some type of security (ACP
120, PCT or SMIME) and the cost to implement the necessary
mechanisms and management infrastructure for interoperability is
likely to be acceptable. Different national policies on
encryption may hinder adoption of a common policy. |
Message content integrity |
Coalition Interoperability requirements exist for
integrity options within message transfers. |
Open standards exist (e.g. SHA-1, MD5) for options within
messaging protocols. |
Few legacy systems offer security functionality within
messaging protocols. |
Sufficiently strong algorithms for integrity are in the
public domain, and commercial products are available to
implement them. However, when these are combined with encryption
to form a digital signature, the main cost/risk issue is in the
supporting infrastructure for the generation and distribution of
certificates and tokens and the cost/risk impact of this aspect
may be significant. |
Certificate managent and distribution |
Coalition Interoperability requirements arise from the
need to distribute signed certificates from a central issuing
authority to a directory which is accessible to individual
end-systems, and for individual end systems to be able to verify
the authenticity of those certificates. |
There are open standards for directories (e.g. X.500) and
emerging standards for Public Key Authentication Frameworks and
Certificate Management Infrastructures. |
Few legacy systems provide the necessary
mechanisms. |
Automated transfer of signed certificates between systems
is an immature technology and represents a significant risk.
Current commercial products are not deemed sufficiently secure.
Alternative mechanisms such as cross-certificates are currently
being examined. |
Message non-repudiation with proof of origin |
Coalition Interoperability requirements exist for
non-repudiation of message transfers. No other instances of
inter-nation non-repudiation requirements have been
identified. |
Open standards exist (e.g. digital signatures) for
options within messaging protocols. |
Few legacy systems offer security functionality within
messaging or other protocols, however most legacy messaging
systems offer this service in version 4 through procedural
controls. |
Commercial products implementing ACP 120 are available,
and products supporting SMIME are emerging. Cost/risk issues are
not expected to be significant. |
Message non-repudiation with proof of delivery |
Coalition Interoperability requirements exist for
non-repudiation of message transfers. No other instances of
inter-nation non-repudiation requirements have been
identified. |
Open standards exist (e.g. signed receipts with trusted
time stamps) for options within messaging protocols. |
Few legacy systems offer security functionality within
messaging or other protocols, however most legacy messaging
systems offer this service in version 4 through procedural
controls. |
Commercial products are available so cost/risk issues are
not expected to be significant. |
Message security labelling |
This is a subset of Message Access Control. |
|
|
|
Message accountability |
Coalition Interoperability requirements exist. |
Some standards do exist. |
Few legacy systems offer security functionality within
messaging or other protocols, however most legacy messaging
systems offer this service in version 4 through procedural
controls. |
Implementation cost and risk will be high if commercial
products cannot provide the required functionality and
assurance. |
10: Distributed
Computing
|
|
|
|
|
Environment/ Remote Process |
No evidence of a present Coalition Interoperability
requirement but future requirements may arise. |
No open standards. ONC+ RPC, DCE RPC and Windows RPC are
all interoperable to an extent but not in a secure
manner. |
Upgrades should be evaluated to eliminate security
issues. |
Based on user/organizational requirements. |
Distributed Database Management System |
|
|
|
|
Remote presentation services |
No evidence of a Coalition Interoperability
requirement. |
Open standards exist for UNIX environment (X11). Widely
licensed proprietary standards exist for the Windows
environment. |
No significant impact. |
No significant impact. |
File Services |
No evidence of a Coalition Interoperability
requirement. |
Open standards exist (SMB, NFS). |
No significant impact. |
No significant impact. |
Print Services |
No evidence of a Coalition Interoperability
requirement. |
Open standards exist (SMB, LPD). |
No significant impact. |
No significant impact. |
Distributed transaction processing services |
No evidence of a present Coalition Interoperability
requirement but future requirements may arise. |
No Open Standards. |
No significant impact. |
No significant impact. |
Object Services |
Coalition Interoperability requirements in this
area are presently confined to the representation of objects
embedded within OA documents
Wider use of
distributed computing mechanisms for Inter-Nation
interoperability is considered under the distributed computing
category below.
There may be a NATO Common Funded
Systems (NCF) need for such services.
See note
A.12.
|
DCOM is to be controlled in the future by an open
standards body and will therefore qualify as an open
standard.
Sufficiently open standards (e.g., DCE
and CORBA)
|
No significant impact.
No significant
impact.
|
No significant impact.
No significant
impact.
|
Time Services |
|
|
|
|
Simulation Services |
|
|
|
|
11: Software
Engineering
|
Services in this area are relevant only to NCF
services |
|
|
|
Languages |
|
|
|
|
Case |
|
|
|
|
Software Development |
|
|
|
|
12: Common C2
Applications
|
No evidence of a Coalition Interoperability requirement.
Porting of applications may be used as a route to
interoperability where no open standards exist. |
No genuinely open products. |
Potentially relevant, e.g. Nauticus. |
Application standardization may lead to undesirable
procurement constraints. |
Correlation Services |
There is a requirement to share track data (and hence a
common picture), but no requirement to standardize on an
application. |
There are no open standards for track management
services. Military standards for passing track data exist (e.g.
OTH-Gold). |
Potentially relevant. The wide use of Nauticus as the
main track management application could lead to problems if
support for the product changes. |
Application standardization may lead to undesirable
procurement constraints. |
Alert Services |
There is evidence of a Coalition Interoperability
requirement to pass alerts such as flash messages.
See note A.13.
|
No open standards |
No significant impact. |
No significant impact. |
Data Fusion |
There is no requirement at present, however as coalition
forces become more integrated there may arise a need to fuse
data from disparate sources. |
No open standards |
Not applicable at present. |
Not applicable at present. |
13: Collaborative Computing (This
will not be added as a new area but all these services will be
covered under other areas).
|
|
|
|
|
Workflow Services |
There is a possible future Inter-Nation requirement for
workflow services. |
Open standards are emerging. |
No significant impact. |
No significant impact. |
Information Dissemination Management (IDM) |
There is a requirement for the support of group access
but in read-only mode. |
Open standards exist. |
No significant impact. |
No significant impact. |