Enabling the Transfer of Large Files Across Security Domains in a Multinational Environment

Abstract: In an environment in which data has to be transferred between different applications, nations and domains, various risks in terms of data security exist. This has particularly serious consequences if security-relevant data and information are processed. In this paper we focus on the transfer of large files between several applications across security domains in the military sector. The exchange of data in a military multinational environment is particularly challenging because it is regulated by predefined architectures, concepts and technologies. Coalition Shared Data (defined by STANAG (Standardization Agreement) 4559) specifies services, interfaces and data models to exchange ISR (intelligence, surveillance and reconnaissance) information within a coalition. STANAG 4774 and STANAG 4778 as well as STANAG 5636 define essential (security) metadata and the (security) labeling of data to enable role and security-based data management. In this paper the exchange of large files between different security domains that include Coalition Shared Data services linked by a specific labeling service and security gateway based on STANAG 4774 and STANAG 4778 were examined. Accredited security gateways supporting data exchange often come with limitations e.g. on the file size that can be exchanged. Based on the existing systems, processes and requirements, a concept for the transfer of large files has been developed under consideration of the technical and organizational requirements and constraints. Initial tests of the new approach were carried out in a laboratory demonstrator and demonstrated the fundamental functionality.

Keywords: STANAG, Coalition Shared Data, Interoperability, ISR, Security Domains, Data Transfer

DOI: 10.54941/ahfe1005949

Cite this paper:

​