16 Jan 2023

What is STANAG?

NATO Standardization Agreement (STANAG) is a set of standards and procedures that are used by the member countries of the North Atlantic Treaty Organization (NATO) to ensure interoperability and compatibility among their military forces. The purpose of STANAG is to facilitate cooperation and coordination among NATO member countries, especially in times of crisis or conflict.

There are numerous STANAGs covering a wide range of topics, including communications, logistics, intelligence, and training. Some examples include STANAG 6001, which specifies the requirements for NATO military personnel language proficiency, and STANAG 4586, which defines the standards for interoperability of military data systems.

One of the key benefits of STANAG is that it allows NATO member countries to work together more effectively by eliminating the need to constantly re-invent the wheel. For example, if one country develops a new type of military equipment that meets STANAG standards, it can be used by other NATO countries without the need for additional testing or modifications. This saves time and resources, and furthermore allows NATO forces to focus on more pressing tasks.

In addition to improving cooperation and coordination among NATO member countries, STANAG also helps to ensure the safety and reliability of military equipment. By following established standards, military equipment is more likely to function properly and consistently, which is crucial in high-stakes situations such as military operations.

Overall, NATO Standardization Agreement (STANAG) plays a vital role in the success and effectiveness of NATO by facilitating interoperability and compatibility among member countries’ military forces. It is an important tool for improving cooperation and coordination, and for ensuring the safety and reliability of military equipment.

To enable future data exchange and interoperability amongst NATO Member States, NATO STANAG 4774 and 4778 define a syntax for trusted security labels / markings (4774) and how these are cryptographically bound to data objects (4778) to ensure the integrity of both the data and the label. Trusted security labels include, for example, data on the creator and the creation and expiration dates. There are different profiles for REST, SMTP, SOAP, XMPP or Office Open XML. infodas remains involved in the improvement process and is part of the annual NATO Coalition Warrior Interoperability eXercise (CWIX).

A practical example: Public sector or critical infrastructure organizations handling classified information frequently need to selectively share sensitive data with other systems, organizations or countries. However, unstructured data objects (e.g. pictures, videos, patient records, documents, encrypted or compressed files) require another trusted element for the release decision in data guards, as their classification level could easily be changed. Existing data classification solutions only offer data tagging, not binding. Moreover, labeled data only provides value if it can be easily shared and controlled by a bi-directional cross domain solution (Guard, IEG, Security Gateway) when moving between security domains.

The SDoT Labelling Service solves this issue. It allows any data object to be classified, manually or automatically, with a tamper-proof XML security label that is cryptographically bound to the file. The product complements the bi-directional SDoT Security Gateway cross domain solution for SECRET and below domains so that both structured and unstructured data and application protocols can be filtered. The SDoT Labelling Service is a security appliance placed in the classified IT infrastructure and can be integrated via API into any work environment of the user (e.g. mail client or office applications), which ensures a high degree of user adoption and data-centric security.

XML security labels can be freely defined by an organization and may include categories such as the creator of a label, permissive & restrictive sharing policies or label validity. Any changes to a label are always logged throughout its lifecycle. Even the smallest change to a data object automatically invalidates its label, which prevents the object's release from a classified domain. The XML security labels already adhere to the new NATO standardization agreements 4774 for confidentiality labels as well as 4778 for metadata binding.
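The binding idea described above, as an added sketch that is not infodas code and not the STANAG 4778 XML format: a label and the digest of the data object are covered by one integrity tag, and a guard refuses release if either has changed. The field names, the `bind` and `guard_release` functions, the level list and the use of an HMAC in place of a digital signature are all assumptions made for illustration.

```python
import hashlib
import hmac
import json
from datetime import date

# Constructed demo key (assumption): a real labelling service would sign with
# a protected private key instead of sharing an HMAC secret with the guard.
BINDING_KEY = b"constructed-demo-key"
LEVELS = ["UNCLASSIFIED", "RESTRICTED", "CONFIDENTIAL", "SECRET"]


def _tag(label: dict, data: bytes) -> str:
    # Canonical label bytes plus the data digest: changing either changes the tag.
    canon = json.dumps(label, sort_keys=True, separators=(",", ":")).encode()
    digest = hashlib.sha256(data).hexdigest().encode()
    return hmac.new(BINDING_KEY, canon + b"|" + digest, hashlib.sha256).hexdigest()


def bind(label: dict, data: bytes) -> dict:
    """Labelling side: produce a record binding the label to the data object."""
    return {"label": label, "tag": _tag(label, data)}


def guard_release(binding: dict, data: bytes, max_level: str, today: date) -> str:
    """Guard side (hypothetical): fail closed unless every check passes."""
    label = binding["label"]
    if not hmac.compare_digest(_tag(label, data), str(binding.get("tag", ""))):
        return "BLOCK: binding invalid"
    if label.get("classification") not in LEVELS:
        return "BLOCK: unknown classification"
    if date.fromisoformat(label["expires"]) < today:
        return "BLOCK: label expired"
    if LEVELS.index(label["classification"]) > LEVELS.index(max_level):
        return "BLOCK: classification above target domain"
    return "RELEASE"


if __name__ == "__main__":
    doc = b"constructed sample report"  # constructed sample data object
    label = {"classification": "RESTRICTED", "creator": "alice",
             "created": "2023-01-16", "expires": "2024-01-16"}
    rec = bind(label, doc)
    print(guard_release(rec, doc, "RESTRICTED", date(2023, 6, 1)))
    print(guard_release(rec, doc + b".", "RESTRICTED", date(2023, 6, 1)))
    downgraded = {"label": dict(label, classification="UNCLASSIFIED"), "tag": rec["tag"]}
    print(guard_release(downgraded, doc, "UNCLASSIFIED", date(2023, 6, 1)))
```

The third case is the one plain tagging cannot catch: the file is untouched, but the relabelled classification no longer matches the tag, so the guard blocks it.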

All elements of the Secure Domain Transition (SDoT) product family meet the highest requirements for hardware and software security at the SECRET and below interoperability level (SABI). They are developed and manufactured in Germany with full supply chain transparency. They are available as 19”, 1U appliances or smaller deployable sizes for vehicles. Other products include the bi-directional SDoT Security Gateway Express, optimized for near real-time, low-latency filtering of structured data such as XML, JREAP or JSON. Just like the SDoT Diode for unidirectional data transfer up to 9.1 Gbit/s, both products hold general NATO, EU and German SECRET approvals. Media breaks and rotary interfaces are a thing of the past with SDoT. The products have been in use in sensitive environments for more than 15 years.

About the Author/s
Ronald Claus

Technical Presales Engineer, infodas