NATO has defined the concept of an Information Exchange Gateway (IEG) to facilitate secure communication between different security and management domains.[1] The IEG is designed to provide a standard and secure method of communication between NATO, NATO nations, non-NATO nations, coalition forces, Non Government Organisations (NGOs), and other International Organisations (IOs).[2]
An Information Exchange Gateway provides Information Exchange Services (IES) to facilitate the exchange of information between networks, including data and protocol translation where necessary, and Information Protection Services (IPS) that ensure only intended information is exchanged. In addition, Node Protection Services (NPS) ensure information is exchanged in a safe and secure way and that only intended information which has been validated by the IPS can be exchanged.[3]
NATO has defined five main IEG scenarios[4] each with scenario variants for transferring classified information. The scenarios take account of the security classifications of the domains that they connect, as well as the security policy, the owners and the administrators of those domains.
In some scenarios, an IEG must include a guard to provide the IPS and NPS functions.[5] When used with a guard, the IEG's DMZ is split into two.
Implementation
edit- Nexor implemented an IEG demonstrator for the European Defence Agency.[6]
References
edit- ^ "NATO IEG" (PDF). AFCEA.
- ^ "Collaboration Support Office (CSO)".
- ^ Guidance Document on the Implementation of Gateways for Information Exchange between NATO CIS and External CIS, AC/322-D(2005)0054-REV2, NATO, March 2008
- ^ "Information Exchange Gateways". Nexor.
- ^ "Information Exchange Gateways". Deep-Secure.
- ^ "EDA". Retrieved 22 December 2014.