- ACP123(B) Published
- NEDS procurement have issued amendment 11 and extended the bid submission date to 3rd March 2010
- Isode announce addition of new product, M-Link Edge, to R14.6 release
- ESS equivalentLabels mandatory in STANAG 4631
- Management Buy In Of Clearswift Specialist Products Division
- Boldon James joins Transglobal Secure Collaboration Program
- Isode Adopts XML Security Policies
- ACP133 8 Years On
- RFC Search
- Canadian MMHS adopts Web-based Solution
ESS equivalentLabels mandatory in STANAG 4631
Submitted by Hannah McKean on Tue, 2010-02-02 16:37
In recent work conducted by NATO and the nations to find solutions to meet the complexity of label harmonization, it has been realized that the use of equivalentLabels provides increased flexibility to support label harmonization.
Version 1.1 of the Implementer's Guide for STANAG 4631 has consequently made the support for the RFC 2634 Enhanced Security Services equivalentLabels signed attribute mandatory.
This has a consequence impact on ACP 145(A) gateways which adopt the STANAG 4631 profile. ACP145(A) has yet to be updated to specify how any equivalentLabels values should be handled to ensure security label consistency and reduce security label creep, however the mechansims would seem straight-forward. Indeed some ACP145(A) gateways already handle the equivalentLabels attribute in performing security label mapping.
The specific changes in STANAG 4631 are:
Signed Attributes
27 The support requirements for signed attributes are as follows (see section 1.3.4 in ESS):
...
e. equivalentLabels MUST be supported.
...
Equivalent Security Labels
48 MUST be supported.