- About the volumes
- Download PDF of V5
- V1 - Introduction and Management
- V2 - Near Term
- V3 - Mid to Far term
- V4 - Interoperability Profile Guidance
- V5 - NISP Design Rules
- V6 - NISP - Annexes
-
3.3. Key Drivers
58. A key driver in the process of selecting the NISP services has been the existence (or likely existence) of user requirements and whether or not the technology exists to provide those services. The selection of standards for the NISP specification has been driven by the following:
-
Adoption of Internet and web technologies. The NISP cites the popular internetworking standards TCP, IP and UDP; the data exchange protocols in widespread use on the Internet and in commercial networks (HTTP, NNTP, FTP etc.); and common data interchange formats (HTML, JPEG, zip, etc.);
-
Need for security. The most significant departure from commercial standards is in the adoption of a common security protocol particularly in support of messaging. A common approach to secure messaging is fundamental to the existence of an effective NISP;
-
Adoption of essential requirements to meet military needs. Common elements of NATO standards for organizational messaging (STANAG 4406/ACP123) and directory (ACP133) are adopted.
59. The NISP makes no statements about the security architecture or policy to be adopted for end-systems. However, the widespread interconnection of systems envisaged means that Secure Messaging alone cannot provide adequate protection. Depending upon the protective marking of the data and/or system and the geographical location and nature of the communications bearers, messaging interconnections between systems will continue to require COMSEC protection through the use of (an appropriate grade of) encryption at the net-work/link level. Even where the data exchanged has a low or even no security classification, COMPUSEC concerns, possibly derived from distant systems in the federation, will often lead to a supplementary requirement for network-level encryption.