H.4. Infrastructure and Core Enterprise Services Standards

Purpose: Electronic mail (e-mail) transmission.
Standard: SMTP (RFC 1870:1995, RFC 2821:2001), Simple Mail Transfer Protocol (SMTP).

Purpose: Publishing information including text, multimedia, hyperlink features, scripting languages and style sheets on the network.
Standard: HTML 4.01 (RFC 2854:2000), HyperText Markup Language (HTML), W3C.

Purpose: Providing a common style sheet language for describing the presentation semantics (that is, the look and formatting) of documents written in markup languages like HTML.
Standard:

  • Mandatory: Cascading Style Sheets (CSS), Level 2 revision 1 (CSS 2.1), W3C Recommendation, Sep 2009.

  • Emerging: Cascading Style Sheets (CSS), Level 3 (CSS 2).

  • Fading (until Dec 2011): CSS Level 1, Jan 1999.

Purpose: Enable free-text real-time communication in combination with structured messages (data payload).
Standard: IETF RFC 6120 XMPP CORE, covering XML streams, SASL, TLS and stanza semantics, and RFC 6121 extensions for basic instant messaging and presence.

The following XMPP Extension Protocols shall be supported:

  • XEP-0004: Data Forms

  • XEP-0012: Last Activity

  • XEP-0013: Flexible Offline Message Retrieval

  • XEP-0030: Service Discovery

  • XEP-0045: Multi-User Chat

  • XEP-0060: Publish-Subscribe

  • XEP-0082: XMPP Date and Time Profiles

  • XEP-0128: Service Discovery Extensions

  • XEP-0138: Stream Compression

  • XEP-0033: Extended Stanza Addressing and multiple group chat service (emerging by Nov 11)

RFC 6120 supersedes RFC 3920, and RFC 6121 (XMPP IM) supersedes RFC 3921.

Guidance: Developers are also advised to consult the following RFCs:

  • RFC 6122 (XMPP ADDR): XMPP address format

  • RFC 3923 (XMPP E2E): End-to-end signing and object encryption for XMPP

  • RFC 4854 (XMPP URN): A Uniform Resource Name (URN) tree for use in XMPP extensions

  • RFC 4979 (XMPP ENUM): IANA registration of an Enumservice (see RFC 3761) for XMPP

  • RFC 5122 (XMPP URI): A Uniform Resource Identifier (URI) scheme for XMPP (this specification corrects several errors in RFC 4622)

XEP-0079: Advanced Message Processing, to implement time-to-live (TTL) and reliability-in-delivery features (emerging by Nov 11).

XEP-0198: Stream Management, for active management of an XML stream between two XMPP entities, including features for stanza acknowledgements and stream resumption (emerging by Nov 11).

Purpose: Providing web content or web feeds for syndication to web sites as well as directly to user agents.
Standard:

  • Mandatory: Really Simple Syndication (RSS) 2.0 Specification.

  • Emerging (by Dec 2011): Atom 1.0, Atom Syndication Format, Dec 2005 (RFC 4287), and Atom Publishing Protocol, Oct 2007 (RFC 5023).

Purpose: Encoding of location as part of web feeds.
Standard: Mandatory: GeoRSS Simple encoding. Where GeoRSS Simple is not appropriate, the OGC GeoRSS Geography Markup Language (GML) Application Profile shall be used.
Guidance: GeoRSS extensions should be used to describe location aspects within Atom and RSS feeds.

Purpose: Message security for web services.
Standard:

  • WS-Security: SOAP Message Security 1.1

  • XML Encryption Syntax and Processing (dated 10 December 2002)

  • XML Signature Syntax and Processing 1.0 (Second Edition)

Guidance:

  • WS-Security specifies how integrity and confidentiality can be enforced on messages and allows the communication of various security token formats, such as SAML, Kerberos and X.509. Its main focus is the use of XML Signature and XML Encryption to provide end-to-end security.

  • XML Encryption specifies a process for encrypting data and representing the result in XML. Referenced by the WS-Security specification.

  • XML Signature specifies XML digital signature processing rules and syntax. Referenced by the WS-Security specification.

Purpose: Security token format.
Standard:

  • SAML 2.0

  • Web Services Security: SAML Token Profile 1.1

Guidance:

  • SAML 2.0 provides an XML-based syntax to describe security tokens containing assertions that pass information about a principal (usually an end-user) between an identity provider and a web service.

  • The SAML Token Profile describes how to use SAML security tokens with the WS-Security specification.

Purpose: Security token issuing.
Standard:

  • WS-Trust 1.4

  • WS-Federation 1.1

  • WS-Policy 1.5 and WS-SecurityPolicy 1.3

Guidance:

  • WS-Trust uses the WS-Security base mechanisms and defines additional primitives and extensions for security token exchange, enabling the issuance and dissemination of credentials within different trust domains.

  • WS-Federation extends WS-Trust to allow federation of different security realms.

  • WS-Policy and WS-SecurityPolicy are used to describe which aspects of the federation framework are required or supported by federation participants; this information is used to determine the appropriate communication options.

Purpose: General definition of data structure and the operations on data stored in that structure.
Standard: SQL 3 (ISO/IEC 9075 (-1 to -14):2003).
Guidance: Definition of data structure and the operations on data stored in that structure.

Purpose: Public Key Infrastructure to support SSL and single sign-on.
Standard:

  • Version 3 public-key certificates and Version 2 CRLs in accordance with ITU-T X.509.

  • NATO Public Key Infrastructure (NPKI) Certificate Policy (CertP) Rev2, AC/322-D(2004)0024REV2.
Table H.2. Infrastructure and Core Enterprise Services Standards

397. The CEMN architecture is intended to operate on fielded or near-fielded systems within the purview of the partner nations. Where new services must be created, they must be designed around the Request/Response, Publish/Subscribe, or Message Queue patterns. However, the intent is not to have CE as a development environment but rather use CE as a validation exercise to confirm interoperability with other systems/nations.

398. New development must (in addition to forwarding back through developmental channels):

  • provide read or read/write services as appropriate

  • implement either synchronous or asynchronous services

  • include authentication as part of their service

  • support dynamic bindings

399. The challenge is in re-using the existing data standards developed under ADatP-3 in this new service environment.

Purpose: Identification and addressing of objects on the network.
Standard:

  • RFC 1738, Uniform Resource Locators (URL), 20 December 1994.

  • RFC 2396, Uniform Resource Identifiers (URI): Generic Syntax, August 1998 (updates RFC 1738).

Guidance: Namespaces within XML documents shall use unique URLs or URIs for the namespace designation.

Purpose: General formatting of information for sharing or exchange.
Standard:

  • Extensible Markup Language (XML) 1.0, 3rd Edition

  • XML Schema: Structures 1.0

  • XML Schema: Datatypes 1.0

  • XML Namespaces, W3C (REC-xml-names-19990114)

Guidance: XML is required for data exchange to satisfy those IERs within the CEMN that are not addressed by a specific information exchange standard. XML Schemas and namespaces are required for all XML documents.

Purpose: Transforming XML documents into other XML documents.
Standard: XSL Transformations (XSLT 1.0).
Guidance: Developer best practice for the translation of XML-based documents into other formats or schemas.

Purpose: Specific, practical guidance for the development of web services, through constraints on and clarifications of their base specifications.
Standard: Web Services Interoperability Organization (WS-I) Basic Profile 1.1, Final Material, August 24, 2004. Note that this profile references several other standards associated with web services:

  1. SOAP, WSDL, UDDI

  2. Hypertext Transfer Protocol, HTTP v1.1

  3. RFC 2246, TLS Protocol v1.0

  4. RFC 2560, X.509 Public Key Infrastructure Certificate

Guidance: Conformance to this standards set is required for all SOAP-based services.

Purpose: Configuration management of structured data standards, service descriptions and other structured metadata.
Standard: ebXML v3.0: Electronic Business XML Version 3.0, Registry Information Model (ebRIM), OASIS Standard, 2 May 2005; Registry Services and Protocols (ebRS), OASIS Standard, 2 May 2005.
Guidance: Used as the foundation for setup, maintenance and interaction with a Metadata Registry and Repository for sharing and configuration management of XML metadata. Also enables federation among metadata registries/repositories.

Purpose: Exchanging structured information in a decentralized, distributed environment via services.
Standard:

  • W3C SOAP 1.1, Simple Object Access Protocol v1.1 (SOAP)

  • Representational State Transfer (REST)

  • WSDL v1.1: Web Services Description Language (WSDL) 1.1, W3C Note, 15 March 2001

  • ebXML v3.0: Electronic Business XML Version 3.0, Registry Information Model (ebRIM), OASIS Standard, 2 May 2005; Registry Services and Protocols (ebRS), OASIS Standard, 2 May 2005

  • Universal Description, Discovery, and Integration Specification (UDDI v2.0), OASIS Standard, April 2003

Guidance: The preferred method for implementing web services is SOAP; however, there are many use cases (mash-ups etc.) where a REST-based interface is easier to implement and sufficient to meet the IERs.

ebXML is used as the foundation for setup, maintenance and interaction with a (NATO) Metadata Registry and Repository for sharing and configuration management of XML metadata. It also enables federation among metadata registries/repositories.

Emerging (Dec 2011): UDDI v3.0.

Purpose: Secure exchange of information across multiple security domains.
Standard: The draft X-Labels syntax definition is called the "NATO Profile for the XML Confidentiality Label Syntax" and is based on version 1.0 of the RTG-031 proposed XML Confidentiality Label Syntax.
Guidance: See "Sharing of information across Communities of Interest and across Security Domains with Object Level Protection" below.

Purpose: Topic-based publish/subscribe web services communication.
Standard: WS-Notification 1.3, including:

  • WS-BaseNotification 1.3

  • WS-BrokeredNotification 1.3

  • WS-Topics 1.3

Guidance: Enables topic-based subscriptions for web service notifications, with an extensible filter mechanism and support for message brokers.

Purpose: Providing transport-neutral mechanisms to address web services.
Standard: WS-Addressing 1.0.
Guidance: Provides transport-neutral mechanisms to address web services and messages, which is crucial in providing end-to-end message-level security, reliable messaging or publish/subscribe-based web services.

Purpose: Reliable messaging for web services.
Standard: WS-ReliableMessaging 1.2.
Guidance: Describes a protocol that allows messages to be transferred reliably between nodes implementing this protocol in the presence of software component, system or network failures.
Table H.3. Infrastructure and Core Enterprise Services Standards, Part 2