Secure Questionnaire 10 1.0

UNCLASSIFIED PROFILING QUESTIONNAIRE DISRonline 10-1.0 Be aware not all questions have a standard associated with them.
Access Control
1 Does your system interface with the Defense Message System? Does your system use FORTEZZA Cryptographic algorithms? FORTEZZA ICD, ACP 120
IETF RFC 2743, FORTEZZA CIPG 1.52, FORTEZZA Application ITU-T X.509:2005 IETF RFC 2634
3 4
Will your system implement or support DoD PKI? Do your individual messages use certificates issued by DoD PKI to protect unclassified sensitive or sensitive information? Does your system require encrypted algorithms and FORTEZZA applications are in use? Does your system require signature algorithms? Does your system require secure hash algorithms? Does your system require PKI Cryptography? Will access to a system be based on a particular role, rather than an individuals credentials? Does this application require the use of RFID or smart cards and does it need to be FIPS 201 compliant?
SKIPJACK/KEA
6 7 8 9
FIPS Pub 186-2, FIPS Pub 186-3 NIST FIPS Pub 180-3 FIPS Pub 140-2, FIPS Pub 197 ANSI/INCITS 359-2004
10
ISO/IEC 14443-3:2001 w/ Amd1:2005, Amd1/Cor1:2006, Amd3:2006, ISO/IEC 14443-2:2001 w/ Amd 1:2005 IETF RFC 3195
11
Does your system need to transmit event messages?
Application-Oriented (GPS)
1 2 3 Does your system require GPS standard positioning services? Does your system require GPS precise positioning services? Does your Aviation system use Global Positioning for navigation/landing and will an FAA certification be required? Does your Aviation system use Global Positioning for navigation/landing and will interoperability in a NATO environment be required? Are you creating equipment that will require time stamping? Does your system provide emergency position indicating radio services or operate on 406 MHz transmit or receive data via the COSPAS-SARSAT system? IS-GPS-200D ICD-GPS-227 RTCA DO-208
STANAG 4294
5 6
IRIG Standard 200-04 COSPAS-SARSAT C/S T.001 Iss.3 Rev.8, COSPAS-SARSAT C/S T.007 Iss.4 Rev.2
Application-specific Data Interchange

Valid Date Promulgation Memo Signed
UNCLASSIFIED
Page 1 of 54
1 Does your system interchange Atmospheric or Oceanographic data? Does your system exchange weather product messages in Gridded Binary Form? Does your system exchange data in Binary Universal Format for Representation (BUFR)? Does your system exchange large or complex data sets between environmental data processing systems? Do you need to exchange metadata or bibliographic information? Does your Combat Support system exchange fingerprint information with other systems? Will you be implementing a data distribution infrastructure using a publish/subscribe data centric model? Will you be implementing a data distribution infrastructure using a distributed object model via CORBA or do you require a deterministic, predictable, real time application that has its operating system priorities mapped at the application thread level? Is your organization planning to implement a standards-based all-hazard emergency alerting and warning notification system? Is your system responsible for the writing, reading or application of passive RFID tags? FM 92-X Ext. GRIB WMO No. 306
FM 94-X Ext. BUFR WMO No. 306
HDF v5
ISO 2709
ANSI/NIST-ITL 1
OMG formal/2007-01-01
OMG formal/2005-01-04
OASIS CAP-V1.1
10
DOD Non-commercial DID, RF-Tag v2.0, Passive RFID Air Interface Class 1, UHF Passive Tag Air Interface Class 0 DDMS 2.0 C2IEDM
11 12
Does your system require data interoperability? Does your system require exchanging the C2 (or C4ISR) information among the US C2 systems, Coalition C2 Systems? Is there a requirement for common, codified identification of the countries of the world? Do you order items that are measured in commercial contracts? Will you be transferring stored ISR data or using solid state or disk based removable memory modules or need to share data with NATO allies? Are you implementing a data distribution service infrastructure in your system that requires applications built with two different vendor DDS products to interoperate?
13
ISO 3166-1
14
UNECE Recommendation No. 20
15
STANAG 4575 Ed. 3
16
OMG formal/08-04-09
UNCLASSIFIED
Page 2 of 54
17 Is your system a sensor used to detect chemical, biological, radiological, or nuclear threats or does the system interact with sensors used for defense against chemical, biological, radiological, or nuclear threats? Does your system need to publish a list of periodically updated summaries or need to provide light-weight event notification? JPEO-CBD CCSI v1.0
18
IETF RFC 5023
Architectures and Applications

1 Does your system implement a Public Key Infrastructure (PKI)? Does your PKI require Medium Assurance certificate profiles? IETF RFC 2587, IETF RFC 5280, RSA PKCS #11 v2.20, RSA Labs PKCS #15:2000, FIPS Pub 140-2 Traffic Filtering Firewall - Low Risk, Application-level Firewall - Basic ISO/IEC 19775-2:2004 , ISO/IEC 197751:2004 Application-level Firewall -Medium:2000, PP_FW_TF_MR_v1.1 (Traffic Filt. Firewall - Med. Robustness), PP_FWPPMR UML 2.2, IETF RFC 2743 OMG OCL v2.0
Does your system require firewall devices in Basic Robustness environment? Will your system utilize 3D Graphics or virtual reality applications? Does your system require firewall devices in Medium Robustness environment?
6 7
Does your system require general virtual link security? Do you need to specify exact range of performance such as minimum and maximum speed or physical or other environmental (external) or internal constraints? Do you need a tool based on UML that uses the diagrams and vocabulary of Systems Engineering rather than Software Engineering or do you need rigorous parametric constraints expressed in formal language? Do you need a standards-based tool conforming to DoDAF 1.5 or MoDAF 1.2 in defining architecture or designing system/capability? Does your system architecture design involve the DoDAF products (e.g., AV-1, OV-2, OV-4, OV-5, OV-6c, SV-4, SV-5, SV-6, and TV-1) that are required for such documents as ISP, ICD, CDD, and CPD? Does your system need to support metadata for XML-encoded data or does your system need to interact with systems that support metadata for XML-encoded data?
OMG SysML v1.1
OMG UPDM v1.0
10
Core Architecture Data Model (CADM) 1.03
11
OASIS ebXML RS v3.0, OASIS ebXML RIM v3.0
UNCLASSIFIED
Page 3 of 54
12 Are you developing a registry, or are you developing an XML vocabulary that will be published in the DoD Metadata Registry? ISO/IEC 11179-3:2003(E)
Audio Data Interchange

1 2 3 Does your system require the interchange of Audio Data? Does your system support Audio for Video Imagery Systems? Does your system process voice data over 2.4 Kbps digital links? Does your system require acceptable service quality between voice services within the DSN? Do you provide enterprise-wide presence or awareness, or do you provide person-to-person or multi-user text chat? Does your network required a keepalive mechanism for SIP sessions or required a SIP session expiration mechanism or has your network experienced any denial-of-service attacks from rogue SIP-based proxies and user agents? Does your system deal with sessions that use SIP as a signaling protocol and SDP to describe the parameters of the session? Does your system require the use of the SIP REFER method? Does your system use SIP preconditions in situations that involve session mobility? Do your information system and networks comply with all the audiovisual and multimedia systems security control protocols incorporated in the H235 standard? Are VoIP security protection controls required to be implemented on your audiovisual and multimedia networks? Does your system require Internetworking between Session Initiation Protocol (SIP) and Bearer Independent Call Control Protocol or ISDN User Part? Does your system require Session Initiation Protocol (SIP) in the Authenticated Identity Body (AIB) format? Does your system require ISDN to pass the signaling messages between the router and the ISDN switch at the local Central Office (CO)? Does your system require SDP routing for SAP, SIP, or RTSP use? ISO/IEC 13818-3:1998 MIL-STD-3005
ITU-T P.800, ITU-T P.862
IETF SIMPLE, IETF XMPP
IETF RFC 4028
IETF RFC 3312
8 9
IETF RFC 3515 IETF RFC 4032
10
ITU-T Rec. H.235.1
11
ITU-T Rec. H.235.8 (09/05)
12
ITU-T Rec. Q.1912.5
13
IETF RFC 3893
14
ITU-T Rec. Q.921, September 1997
15
IETF RFC 3890
UNCLASSIFIED
Page 4 of 54
16 Does your system require a description to perform the mapping between two signaling protocols: the Session Initiation Protocol (SIP) and the Integrated Services Digital Network (ISDN) User Part (ISUP) of Signaling System No. 7 (SS7)? Does your system require ISDN to pass the signaling messages between the router and the ISDN switch at the local CO with Call control and Management? IETF RFC 3398
17
ITU-T Rec. Q.931, May 1998
Authentication
1 Does your system use Open Software Foundation DCE Version 1.1? Does your system use the One-Time Password System? Does your PKI require Medium Assurance certificate profiles? IETF RFC 2865
2 3
IETF RFC 2289 RSA Labs PKCS #12 v1.0:1999 with Corrigendum, RSA PKCS #11 v2.20, RSA Labs PKCS #15:2000, IETF RFC 2587, FIPS Pub 140-2, IETF RFC 5280 FIPS Pub 201-1
Is verification of the claimed identity of individuals seeking physical access to Federally controlled government facilities and electronic access to government information systems required? Is this an application of digital signature within DoD using the DoD Public Key Infrastructure (PKI)? Does your system use a time stamp protocol? Is this an application of CMS digital signature within DoD using the DoD Public Key Infrastructure (PKI)? Is your system based on PKI and is an efficient means of verifying certificates necessary? Does this application require the use of secure email? Does your system require protection of the data portion of the IP packet or require security services? Is PKI being implemented with LDAP? Do you need to provide HMAC-MD5 authentication algorithm with IS-IS routing ? Do you need to provide an authentication algorithm with IS-IS routing?
CMS/XML Digital Signature Profiles v1.1
6 7
IETF RFC 2560
9 10
IETF RFC 5035 FIPS Pub 198
11 12
13
IETF RFC 5310
UNCLASSIFIED
Page 5 of 54
14 Is your network required to use multiple authentication mechanisms residing in the authentication server instead of the authenticator? IETF RFC 3748
Aviation: Air Traffic Management

1 Is your system an Aviation vehicle requiring access to the civil air space with communications capabilities? Will your Aviation system be required to interoperate with civil communications infrastructures? ICAO Annex 10: Vol. III, ICAO Annex 10 Aeronautical Telecommunications: Volume V, RTCA DO-224B, RTCA DO210D, RTCA DO-181C, RTCA DO-236B, ICAO Annex 10: Vol. IV, ARINC 750-4, ICAO Annex 10: Vol. II, ICAO Annex 10: Vol. I, RTCA DO-246C, RTCA DO-186B ICD-GPS-227 RTCA DO-208
3 4
Does your system require GPS precise positioning services? Does your Aviation system use Global Positioning for navigation/landing and will an FAA certification be required? Does your Aviation system use Global Positioning for navigation/landing and will interoperability in a NATO environment be required? Does your system require military IFF capabilities? Is your system an Aviation vehicle requiring access to the civil air space with civil IFF capabilities? Will your system require only a military Air Worthiness Certification for IFF versus an FAA certification (A negative response implies an FAA certification or both will be required.)? Does your system require civil FAA IFF capabilities?
STANAG 4294
6 7
DoD AIMS 97-900, DoD AIMS 03-1000
ICAO Annex 10: Vol. II, ICAO Annex 10 Aeronautical Telecommunications: Volume V, ICAO Annex 10: Vol. IV, ICAO Annex 10: Vol. I, ICAO Annex 10: Vol. III RTCA DO-185A, ARINC 735A-1 RTCA DO-242A
10 11
Does your system require traffic alert and collision avoidance? Does your system require automatic dependent surveillance (broadcast)? Is your system an Aviation vehicle requiring access to the civil air space with navigation capabilities? Will your system require only a military Air Worthiness Certification for navigation versus an FAA certification (A negative response implies an FAA certification or both will be required.)?
12
13
UNCLASSIFIED
Page 6 of 54
14 Is your system an Aviation vehicle requiring access to the civil air space with landing aid capabilities? Will your system require only a military Air Worthiness Certification for landing aids versus an FAA certification (A negative response implies an FAA certification or both will be required.)? Will your Aviation system require area navigation? Will your Aviation system require global navigation? FAA AC 90-96A, RTCA DO-236B RTCA DO-246C, FAA AC 90-96A, RTCA DO-253A ICAO Annex 10 Aeronautical Telecommunications: Volume V, ICAO Annex 10: Vol. I, ICAO Annex 10: Vol. II, ICAO Annex 10: Vol. IV, ICAO Annex 10: Vol. III RTCA DO-253A, RTCA DO-246C STANAG 4392
15
16 17
18
Does your Aviation system require microwave landing aids?
19 20
Does your Aviation system require GPS landing aids? Does your Aviation system require GPS landing aids to be interoperable in NATO environments? Will your Aviation system require global navigation or GPS landing aids? Is system an Unmanned Air Vehicle or UAV Control System or will UAS support Joint / Coalition Operations or does UAS require interoperability with C4I in collecting and disseminating ISR related data or be used as a weapon platform?
21
RTCA DO-229D
22
STANAG 4586 Ed. 2
Backplanes and Busses

1 Is your system part of the C4ISR or the Weapon Systems domain? Does your Crypto or Weapon System use VME backplanes and circuit cards? Does your Crypto system use VXI backplanes and circuit cards? Does your system use a CompactPCI bus? Does your system require a multiplexing bus? Does your system require a Controller Area Network bus for heavy trucks or off-road vehicles? Does your system require a general purpose serial data communications link for heavy-duty vehicle apps? ANSI/VITA 1
IEEE 1155
4 5 6
CompactPCI MIL-STD-1553B SAE J1939
SAE J1587, SAE J1708
UNCLASSIFIED
Page 7 of 54
8 Does your system require high-speed, reliable, data transfer technology that operates over copper wire and fiber optic cabling? ANSI/INCITS 297:1997 (R 2002)., ANSI INCITS 373-2003, ANSI/INCITS 3572002, ANSI INCITS 289-1996 (R2001), ANSI INCITS 387-2004, ANSI/INCITS 3522002, ANSI/INCITS 332-1999 ANSI/INCITS 303-1998 (R 2003)., ANSI/INCITS 355-2001
Does your system use Fibre Channel to transfer data?
Bindings/Object Code Linking

1 Does your POSIX system use Ada language bindings? ISO/IEC 14519
Biometric Technology Services

1 Does your system require biometric technologies for authentication? Does your organization intend to evaluate the performance of biometric algorithms, components, or systems or does your organization intend to implement a testing program for evaluation of the performance of biometric algorithms, components, or systems? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or does your organization collect fingerprint data or is your organization required to process biometric data in the field? Does your organization collect photographs of individuals for identification purposes or is your organization required to process biometric data in the field? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or does your organization collect iris images or is your organization required to process biometric data in the field? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or does your organization collect face data or is your organization require to process biometric data in the field? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or is your organization required to process biometric data in the field or does your organization anticipate the use of modalities for which no record types that exist in ANSI/NIST ITL 1-2000 or 2007? Does your organization require developing software to interface with biometric hardware and or devices? ANSI INCITS 358-2002 (R2007) w/ Amd 1:2007 INCITS 409.3-2005, INCITS 409.1-2005, INCITS 409.2-2005
ISO/IEC 19794-2:2005 , ISO/IEC 197944:2005
ISO/IEC 19794-5:2005 w/ Amd 1:2007
ISO/IEC 19794-6:2005
ANSI/INCITS 377-2004, ANSI/INCITS 3812004, ANSI/INCITS 378-2004
ISO/IEC 19785-2:2006, ISO/IEC 197851:2006
ISO/IEC 19784-2:2007, ISO/IEC 197841:2006 w/ Amd 1:2007
UNCLASSIFIED
Page 8 of 54
9 Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or does your organization collect, store, exchange, or match representations of digitized sign or signature data or is your organization required to collect biometric data for logical or physical access control? Does your organization participate in performance testing of biometric systems or is the primary goal of your testing efforts to determine if the performance of the complete biometric system meets the requirements of a specific application environment for a target population? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or is your organization required to comply with HSPD-12 or FIPS 201? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or does your organization collect face data or is your organization required to process biometric data in the field? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or plan to exchange biometric data with the FBI IAFIS or does your organization collect fingerprint data or iris data? Does your organization require/anticipate implementation of interoperable system components for the collection of biometrics or required to process biometric data in the field anticipate implementing or testing a family of biometric systems? Do you need to define an interface specification for exchange of biometric data? Will your system process or disseminate terrorist information or will your system interface with US-VISIT/IDENT? ANSI/INCITS 395-2005
10
ANSI/INCITS 409.4-2006
11
NIST Special Publication 800-76-1
12
ANSI INCITS 385-2004
13
IAFIS-DOC-01078-8.001
14
ISO/IEC 24709-2:2007, ANSI INCITS 4422008, DoD EBTS v2.0, ISO/IEC 247091:2007
15
ANSI INCITS 398-2008
16
IDENT IXM v2.0
C4ISR: Payload Platform

1 Does your system use fiber channel for high-speed data transfer? Is Firewire serial bus used in place of the standard parallel bus? Will your system be using INTELSAT Business Services? Is your system in the design phase and needs compliance with data rate and TCM/8PSK modulation requirements? ANSI X3.230:1999
IEEE 1394, IEEE 1394b, IEEE 1394a
3 4
IESS-309 Rev. 7 IESS-310 Rev. 2
UNCLASSIFIED
Page 9 of 54
Calendaring and Scheduling

1 Does your system require calendaring and scheduling services? Will you be using date/time references in your application? C321
ISO 8601:2004
Cryptographic Key Management

1 Does your system require Key Management in an IP environment? Does your system require DNS authentication and a shared secret key? Does your system require dynamic secure updates to the Domain Name Server (DNS)? Does your system require datagram authentication or does your system require security services at the IP layer? Does your system require authentication and encryption in an IP environment? Does your system require protection of the data portion and/or header portion of the IP packet or does your system require security services at the IP layer? Do you require defense against attacks on your IP-based network? Do you need to be NSA Suite B compliant? Do you need to be Suite B compliant? IETF RFC 2404
IETF RFC 2845
IETF RFC 3007
IETF RFC 4302
IETF RFC 4303
IETF RFC 4835
IETF RFC 4304
8 9
IETF RFC 5430, NIST SP 800-56A NIST SP 800-90, IETF RFC 4754, IETF RFC 5008 NIST SP 800-108 NSA EKMS 308 Rev E
10 11
Do you need to generate a key? Does your device transmit key to a fill device or does your device receive key from a fill device or is your device a fill device? Does your device transmit key to a fill device or receive key from a fill device or is your device a fill device or does your device require key that contains NATO classifications? Do you need to implement the EKMS 308 base document or does your device transmit key to a fill device or does your device receive key from a fill device? Is your device a fill device?
12
NSA EKMS 308, Rev F
13
NSA EKMS 308 App C 24Apr09, NSA EKMS 308 Appendix A
UNCLASSIFIED
Page 10 of 54
14 Does your device need to receive key from a Data Transfer Device or does your device need to load key to a Data Transfer Device? NSA EKMS 603 Rev C w/SCN-1
Database Management System

1 Does your system include a Relational DBMS (RDBMS) or does it use RDBMS resources and does your system need to embed SQL statements within Java based applications or does your system need to embed SQL statements within Java based applications? Does your system include a Relational DBMS (RDBMS) or does it use RDBMS resources? ISO/IEC 9075-10:2003 with Cor. 2:2007
ISO/IEC 9075-2:2003 with Cor. 2:2007, ISO/IEC 9075-1:2003 with Cor. 1:2005 and Cor. 2:2007 ISO/IEC 9075-3:2003 with Cor. 1:2005
Does your system include a Relational DBMS (RDBMS) or does it use RDBMS resources and does your system have a need to execute statements of the database language SQL from within application programs? Does your system include a Relational DBMS (RDBMS) or does it use RDBMS resources and does your system need to store data base routines on the RDBMS server itself? Does your system include a Relational DBMS (RDBMS) or does it use RDBMS resources and will your system implement SQL multimedia spatial capabilities? Does your system include a Relational DBMS (RDBMS) or does it use RDBMS resources or does your system need to be able to query your databases to discover their structure? Will your system implement SQL remote database access (RDA)? Does your client need to define a client/server based service and protocol for Information Retrieval? Does the application manage a transactional persistent database or is the application programmed in an object oriented manner in the Java programming language or does the application require an object oriented database management system?
ISO/IEC 9075-4:2003 with Cor. 2:2007
ISO/IEC 13249-1:2007, ISO/IEC 132493:2006
ISO/IEC 9075-11:2003 with Cor. 2:2007
ISO/IEC 9579:2000
ISO 23950/NISO Z39.50
JSR-243
Devices (Smart Cards)

1 Does your Combat Support system require contact Smart Cards? ISO/IEC 7816-7, ISO/IEC 7816-10:1999, ISO/IEC 7816-8:2004 , ISO/IEC 7816-1, ISO/IEC 7816-9:2004, ISO/IEC 781611:2004, ISO/IEC 7816-1:1998/Amd 1:2003, ISO/IEC 7816-15:2004/Cor. 1:2004
UNCLASSIFIED
Page 11 of 54
2 3 Is a contact-based access control card required? Does your Combat Support system require contactless Smart Cards? ISO/IEC 7816-11:2004 ISO/IEC 14443-4:2001, ISO/IEC 144431:2000, ISO/IEC 15693-1:2000, ISO/IEC 15693-3:2001
Document Interchange
1 Does your system exchange documents in markup or other format? Is your system part of the Combat Support domain? Does your system exchange documents in HTML format (including web publication)? Is your HTML expected to evolve into XML applications? Does your system exchange documents in XML format? MIL-PRF-28001C HTML 4.01
2 3
4 5
XHTML 1.1: 31 May 2001 XForms 1.0, XML 1.0 (Third Edition), XML 1.1:2004, WSDL 1.1 RDF/XML Syntax Specification (Revised), RDF Vocabulary Description Language 1.0: RDF Schema SOAP MTOM, W3C SOAP 1.2 Part 2, W3C SOAP 1.2 Part 1 XSL 1.0:2001 XPath 2.0:2007, XPATH 1.0 DOM Level 3 W3C
Will your system be processing WWW metadata?
Does your system require exchanging information in a decentralized distributed format? Will you be using XML Style Sheets? Will you be transforming XML through the use of Style Sheets? Does your system need read/write random access to XML documents? Do you require interoperability in office automation products to include text documents, spreadsheets, charts, and graphical documents like drawings or presentations? Are industry developed open standards used to model, describe, transfer, store, and provide query/response to ensure interoperability and to comply with DoD directives specifying the use of COTS and open industry developed standards? Is your organization sharing information on terrorism operations or terrorists? Will your system automatically process or disseminate terrorism information across security domains? Is your system designed to share terrorism information with the justice and public safety communities?
8 9 10
11
ISO/IEC 29500-2:2008, ISO/IEC 295003:2008, ISO/IEC 29500-1:2008, ISO/IEC 29500-4:2008 MIMOSA OSA-CBM v3.1
12
13
CISS RM: MES, DDMS 2.0, CISS ISM: XML CISS Tearlines:XML, CISS Tearlines Applications CISS GJXDM
14
15
UNCLASSIFIED
Page 12 of 54
16 17 Does your system share terrorist person data? Do you order items that are measured in commercial contracts? Do you order supplies or services in non-US dollars? Are you representing languages in your application? Will your applications be using date/time references? Do you require binary encoding of XML documents? Does your application need to query data that is either stored as XML or appears as XML via a middleware product? Are you implementing email or DNS? TWPDES UNECE Recommendation No. 20
18 19 20 21 22
ISO 4217:2001 ISO 639-2:1998 ISO 8601:2004 ITU-T X.891:2005 XQuery 1.0:2007
23
IETF RFC 2308
Electronic Data Interchange (EDI)

1 Does your system require document interchange of XML documents? XML Schema Part 1:2004, XML 1.1:2004, XML Schema Part 2:2004, XML 1.0 (Third Edition) XML Signature
Does your XML document require a XML-encoded digital signature rather than as separate data? Does your system require profiling documents of PDF-417? Does your Combat Support system require use of EDI? Does the system require Healthcare EDI for Administrative or Business Transactions?
3 4 5
ISO/IEC 15418, ISO/IEC 15434 ANSI ASC X12 ASC X12N 820:2007, ASC X12N 834:2006, ASC X12N 276/277:2008, ASC X12N 278:2008, ASC X12N 270/271:2008, ANSI/HL7 V2.4-2000, ASC X12N 835:2006, ASC X12N 837 (Professional):2006, ASC X12N 837 (Institutional):2007, ASC X12N 837 (Dental):2007 NCPDP Batch v1.2, NCPDP v. D.0
Does your Combat Support Medical system require Retail Pharmacy Claim EDI? Does your system generate, process, transmit, receive, modify, or use Mission Data Files, i.e., mission or target data which is delivered to smart weapons as the Edge User? Does your system use ISDN bearer services for the basic rate interface? Do you order supplies or services in non-US dollars?
MIL-STD-3014
ANSI T1.604-1990 (R2004)
ISO 4217:2001
UNCLASSIFIED
Page 13 of 54
10 Does this application require high-speed processing of binary data exchanges? ITU-T Rec. X.680 (2002), w/ Amd 1-3 and Cor 1
Electronic Mail
1 Does your system require official organizational-messaging traffic between DoD organizations? Does your system retrieve or send emails? Does your system require medium assurance messaging service between DoD organizations? ACP 123A:2001
2 3
IETF RFC 3501 IETF RFC 2821, IETF RFC 2822, IETF RFCs 2045-2049, IETF RFC 3023, IETF RFC 1870, IETF RFC 2231 IETF RFC 3030, IETF RFC 3462
Does your network require medium-assurance messaging services using SMTP to send e-mails? Does your system require encrypted email capabilities? Does your system require signature algorithms?
5 6
IETF RFC 3851 FIPS Pub 186-2, FIPS Pub 186-3
Engineering Support-Automatic Testing

1 Does your Automatic Test System require Digital Test Data Formats (DTF)? Does your Automatic Test System require instrumentation services? IEEE 1445
IVI-4.3, IVI-4.1, IVI-4.4, IVI-4.2, IVI-4.7, VPP-3.4 r2.3, VPP-3.3 r4.01, VPP-3.2 r5, VPP-3.1, IVI-4.8, IVI-4.6, IVI-4.10 VPP-4.3 r2.2, IEEE 1232:2002
Does your Automatic Test System require interoperable diagnostic tools? Does your Automatic Test System require a standard representation of BIT data in the test environment? Does your Automatic Test System require product design data (PDD)? Does your Automatic Test System require system framework standards? Does your Automatic Test System require signal and test modeling for execution of UUT test programs? Does your Automatic Test System require Instrument Drivers? Does your Automatic Test System require Instrument Drivers to support multiple assets? Does your Automatic Test System require the use of LXI instruments and drivers?
IEEE 1149.4, IEEE 1149.1:2001
ANSI/EIA 682
VPP-2 r4.2
IEEE 1641-2004
8 9
IVI 3.1, r1.6 IVI-3.10, r1.0
10
IVI 3.15, r 1.0
UNCLASSIFIED
Page 14 of 54
11 Does your Automatic Test System require an instrument with a LAN based capability? Does your Automatic Test System require the use of ATML schemas? Are your ATE instrument drivers based upon the IVI Architecture? Does your ATS require the use of a standard to produce an exchange format, using eXtensible Markup Language (XML), for identifying instrumentation that may be integrated in an automatic test system (ATS)? Does your ATS require the use of a standard to produce an exchange format, using eXtensible Markup Language (XML), for identifying Test Adapters that may be integrated in an automatic test system (ATS)? Does your ATS require the use of a standard to produce an exchange format, using eXtensible Markup Language (XML), for identifying Test Station information that may be integrated in an automatic test system (ATS)? Does your ATS require the use of a standard to produce/consume the results of testing a UUT in a standard format? Does your Automatic Test Systems require the use of authoring of IVI-C instrument drivers? Does your Automatic Test Systems require the use of multiple IVI instrument COM drivers or does you client application need to decouple COM instrument driver instances? Does your Automatic Test Systems require the use of multiple IVI instrument drivers for which the driver configuration information needs to have logical ( not physical) mapping of this information? LXI Standard Rev 1.1
12
IEEE 1671-2006
13
IVI-3.12 Rev 1.0
14
IEEE STD 1671.2-2008
15
IEEE STD 1671.5-2008
16
IEEE STD 1671.6-2007
17
IEEE 1636.1-2007
18
IVI-3.9 Rev 1.0
19
IVI-3.6 Rev 1.0
20
IVI-3.5 Rev 1.8
GEOINT: Geospatial
1 Does your system interchange geospatial data (mapping, charting and geodesy services)? Do you require a system-to-system exchange of aeronautical data or do you need a data model for representing aeronautical data or are you working with aeronautical data such as airports, runways, routes, airspace, navigation aids and/or procedures? Is any of your geospatial data raster-formatted? AIXM 5.0
MIL-STD-2411(2)
UNCLASSIFIED
Page 15 of 54
4 Is any of your geospatial data raster-formatted or does your system have requirements to either produce or interpret CIB, CADRG, or DPPDB raster products? Does your system have requirements to either produce or interpret CIB, CADRG, or DPPDB raster products? Is any of your geospatial data in geographic databases intended for direct use? Does your data represent reference frame, reference ellipsoid, fundamental constants, or Earth Gravitational Model with related geoid? Does your data interchange require the use of country codes? Does your system require an International Standard that provides a clear procedure for the description of digital geographic datasets so that users will be able to determine whether the data in a holding will be of use to them and how to access the data? Does your system require client access across a network to pre-programmed calculations and/or computation models that operate on spatially referenced data over the world wide web? Does application involve overhead imagery, terrain characteristics? Do you have a requirement for use of a coordinate location based application based on usage of geographic information which needs a unique definition of the a reference system? Does this application require the interchange, distribution, manipulation, or exploitation of geospatial intelligence data based on place names (e.g., as in a gazetteer) or does this application represent location by reference to a name, or to a position relative to a fixed point or geographic feature, or to a named spatial relationship to a geographic feature? Does the application require access to definitions or descriptions of items of geospatial information? Does the application require access to and/or model/manipulate items of geospatial information? Does this application require the interchange, distribution, manipulation, or exploitation of geospatial intelligence data in vector form? Does your system require geospatial information as a means to reference operational information? MIL-STD-2411-2(1)
MIL-STD-2411-1(2)
MIL-STD-2407(1)
MIL-STD-2401
8 9
FIPS Pub 10-4, w/ CNs 1-14 ISO 19115:2003 w/ ISO 19115 Cor. 1:2006
10
WPS 1.0
11
ISO 19123:2005
12
ISO 19111:2007
13
ISO 19112:2003
14
DGIWG FACC, ISO 19135:2005, DFDD 2009-1, ISO 19110:2005 ISO 19109:2005
15
16
ISO 19107:2003
17
ISO 19119:2005 w/ Amd 1:2008
UNCLASSIFIED
Page 16 of 54
18 Does your development involve publication of or access to an electronically accessible catalogue of geospatial intelligence data? Does your system require access to geospatial feature information using an implementation of the OGC Web Feature Service specification or does your system require an ability to select objects from a net accessible data base? Does your development require exchange of GEOINT data with other systems over a network? Does your development involve a client that needs to access data that relates position in a spatiotemporal domain to a (possibly multidimensional) range of properties or does your development involve a server that provides access to such data? Does the system that you are developing have requirements to access or distribute geospatial feature data over a network? Does your development involve a client that needs to access and display maps or spatially registered images or does your development involve a server that provides access to geospatial information or spatially registered images? Is a registry of data quality measures being established, to include for each measure, a name, possibly alternative names, the referring data quality sub-element, an identifier, a definition and a description, and if required, parameters? Does the application acquire, process, analyze, access, present and/or transfer geospatial information in digital/electronic form or does the application participate in the NSG or does the application use, display and/or communicate information about geospatial concepts (e.g. definitions or descriptions of items of geospatial information)? Are you developing an imaging [EO, SAR, LIDAR, FRAME, PUSHBROOM, WHISKBROOM] sensor model or does your software need to interface with a sensor model for derivation of geocoordinates? Are you using the ISO 19115 Geographic Information Metadata Standard or does your system require an International Standard that provides a clear procedure for the description of digital geographic datasets so that users will be able to determine whether the data in a holding will be of use to them and how to access the data or do you need a common XML specification for describing, validating and exchanging geospatial metadata? CAT 2.0.2
19
OpenGIS Filter 1.1, ISO 19136:2007
20
GML 3.1.1
21
WCS 1.0
22
WFS 1.1
23
WMS 1.3, WMC 1.1, SLD 1.0, WMS 1.1.1
24
ISO/TS 19138:2006
25
NFDD v2.0, NAS Pt. 1, v2.0, NEC v2.0
26
CSM, v2.A
27
ISO/TS 19139:2007
UNCLASSIFIED
Page 17 of 54
28 Do you need a common XML specification for describing, validating and exchanging geospatial metadata or are your geospatial metadata requirements driven by Department of Defense Discovery Metadata Specification, and Intelligence Community Metadata requirements and appropriate ISO standards or does your system require standards that provide a clear procedure for the description of digital geographic datasets so that users will be able to determine whether the data in a holding will be of use to them and how to access the data? Does your system require a web service interface for requesting, filtering, and retrieving observations and sensor system information? Does your application require information about times associated with spatial objects or do you application represent and/or manipulate time coordinates (events and/or intervals)? Does your system require precision time? Does your system collect, storage and disseminate METOC data between METOC data providers and user applications? Does your system require managed rule-based, policy language, access control to geospatial information and services within your service oriented architecture in an interoperable way across jurisdictions? Does your system require the efficient exchange of geographicpoint-location data which are universally interpretable and which allow identification of points on, above and below the earth s surface at varying levels of precision? Does your system require visualization of geospatial information and data using a web browser? Does your system interchange scientific data, i.e. environmental science, oceanography, atmospheric modeling and geospatial? Does your system interchange weather product messages in Gridded Binary Form with geospatial data (mapping, charting and geodesy services)? Does your system interchange data in Binary Universal Format for Representation (BUFR) with geospatial data (mapping, charting and geodesy services)? Does your application need to provide net access to GEOINT data as a map or spatially referenced image or need to access or display GEOINT data? NGCMP v1.0
29
OGC WCS 1.1.2, SPS 1.0, OpenGIS SOS 1.0
30
ISO 19108:2002 w/ Cor 1:2006
31 32
ITU-R TF460-6 Joint METOC Broker Language (JMBL)
33
OpenGIS GeoXACML 1.0
34
ISO 6709:2008
35
OGC KML 2.2.0
36
HDF v5
37
FM 92-X Ext. GRIB WMO No. 306
38
FM 94-X Ext. BUFR WMO No. 306
39
OGC SLD 1.1.0
UNCLASSIFIED
Page 18 of 54
40 Does your system require the ability to describe, discover, acquire/retrieve and process sensors (parameters and processes) and sensor-based geographic data and information in a web browser? Does application acquire process, analyze, access, present and/or transfer geospatial information in digital/electronic form? Does the application participate in the NSG or does the application collect, use, display and/or communicate geospatial information related to the topographic environment? Does your system produce, exchange, process, exploit, or otherwise use high-resolution elevation data? Does your system have a requirement to encode and portray digital Feature and Coverage data using user-defined styling language rules? Does the application require a standard, flexible and expressive representation for When and Where (time, space, and position) information? OGC SensorML v1.0.0
41
NSG TDS Content Spec V2.0
42
NGA.IP.0002_1.0
43
SE 1.1.0
44
TSPI v1.0.1
GEOINT: Motion Imagery

1 2 Does your system exchange Video Imagery? Is there a requirement to interactively disseminate large imagery (either still, motion or both) in a bandwidth constrained environment? Note, "large" and "bandwidthconstrained" are relative metrics. What is relevant is how fast does imagery move within? Does your system use MPEG-2 Systems for standard and high-definition compression or does your system require support for compressed video? Does your system require support for compressed video? Does your system exchange motion imagery data with external systems or does your system task, collect, produce, process, catalog, store, read, exploit, or disseminate digital motion imagery? Do your motion imagery terminals operate on IP-based broadcast-quality video at rates of less than 1 Mbps or do you need the best quality motion imagery at the lowest bandwidth? Does your system need to make multiple motion imagery sensors on arbitrary platforms interoperable or need accurate timing information on the sensor and platform related metadata associated with my MI streams? ISO/IEC 15444-9:2005
ISO/IEC 13818-1:2007 w/ Cor 1:2008, ISO/IEC 13818-3:1998
4 5
ISO/IEC 13818-2:2000 Advanced Authoring Format Version 1.1, SMPTE 377M:2004
ITU-T Rec. H.264 (03/2009)
MISB RP 0701.0 Common Metadata System:Structure
UNCLASSIFIED
Page 19 of 54
8 Will your system send metadata with a full motion video (FMV) file from a UAV, or will your system need to carry user metadata with the FMV end to end through a system or will you build a fully network-based, metadata-enabled motion imagery system? Does your system need to compress LVSD, WALF or WAS/WAPS imageries or use JPEG 2000 profiles? Does your system exchange motion imagery data with external systems or does your system task, collect, produce, process, catalog, store, read, exploit, or disseminate digital motion imagery? Does your system use motion imagery, full motion video (FMV), or just simply video, or do your imaging sensors/ systems generate sequential or continuous streaming images at rates of 1 frame per second or greater within a common field of regard? Does your system need to convey security information about a Motion Imagery stream or file within the Motion Imagery itself, or will your system need to find security information about Motion Imagery at the point of ingest into the NSG? Will your system need to time stamp metadata and full motion video (FMV) so they can be correlated, or is the timing accuracy of the metadata in relation to FMV important, or must the position of a certain object in the video frame be accurately identified? Will your system identify Motion Imagery streams and/or clips, or will your system identify a Motion Imagery clip extracted from a larger file, or will your system discover and retrieve Motion Imagery? Are you building/operating a Tier II or Above UAS or do you provide motion imagery or full motion video for situational awareness or need to send metadata with a full motion video (FMV) file from a UAV? Does your system create, store, or search for Motion Imagery clip/stream or exchange MI & metadata in a datalink with other systems or use Motion Imagery metadata to use MI? Does your system involve the digital conversion, capture or transmission of standard-definition full motion video or does your system use the Motion Imagery Standards Profile (MISP)? How do I convey metadata in a bit-efficient manner or how do I convey MISB-compliant metadata for Motion Imagery? MISB Standard 0601.3
MISB RP 0705.2, v1.1
10
MISB Standard 0301.4, v1.4
11
MISP v5.3
12
MISB Standard 0102.7
13
14
MISB RP 0608.1
15
USIP 1 IP 1.1
16
17
Rec. BT.601-6 (01/07)
18
SMPTE 336M-2007
GEOINT: Still Imagery
UNCLASSIFIED
Page 20 of 54
1 Does your system exchange Still Imagery data with external systems? ISO/IEC 15444-1:2004 | ITU-T Rec. T.800, ITU-T T.81, MIL-STD-2500C, ISO/IEC 12087-5:1998 w/Corrigenda 1&2, STDI-0002 v3, MIL-STD-188-199(1), MILSTD-188-198A(4) BPCGM01.00, ISO/IEC 8632-3:1999 (Updated citation), ISO/IEC 8632-1:1999 with Corrigenda 1:2006 BPJ2K01.10
Does your system exchange graphically annotated still imagery, raster or gridded data with external systems?
Does your system exchange still imagery, motion imagery, scanned maps, raster or gridded data with external systems? Does your system use or exchange Commercial Still Imagery data with external systems? C4ISR domain: Does your system transmit GMTI from airborne/spaceborne sensor platforms? Does the sys discvr ISR data from a product library or does the ISR library sys support client & server structures, standing queries, info release protection, or web discovery and retrieval of data in STANAG 4545, 4607,4609,4633,7023; NITF, NSIF, JPEG, TIFF? Does your system exchange, process, exploit, or otherwise use Still Imagery data from national sources? Does your system exchange still imagery, scanned maps, raster or gridded data with external systems?
STDI-0006, 23 July 2008
STANAG 4607, Ed 2
STANAG 4559, EDITION 2
NGA STDI-0001 v1.3/CN2
GeoTIFF Revision 1.0, TIFF Revision 6.0
Global Air Traffic Management

1 Is your system an Aviation vehicle requiring access to the civil air space with navigation capabilities? Will your Aviation system require area navigation? Will your Aviation system require global navigation? RTCA DO-236B, FAA AC 90-96A RTCA DO-246C, FAA AC 90-96A, RTCA DO-253A
2 3
Graphics Services
1 Does your system require services to support the creation and manipulation of graphics? Does your aircraft require a heads up display to its pilot? Does your system require services to support the creation and manipulation of graphics for the storage and transmission of animated graphics? OpenGL Graphics System:2001, ANSI/ISO/IEC 9636 MIL-STD-1787C MNG 1.0
2 3
High Availability Computing Middleware

UNCLASSIFIED
Page 21 of 54
1 Does the system require high availability applications and computing elements that are controlled (started and stopped) based on monitoring system state? Does the system require high availability computing which includes publishing and subscribing state change notifications among a cluster of processors? Does the system require high availability computing with standardized APIs for interfacing management applications and internal high availability objects to a cluster of computing processors? Does the system requires high availability of a service which is provided by a cluster of distributed computing resources? SAF SAI-AIS-AMF-B.04.01
SAF SAI-AIS-CLM-B.04.01
SAF SAI-AIS-IMM-A.03.01
SAF SAI-AIS-NTF-A.03.01
IA Metadata
1 Do you need to protect software and firmware changes? IETF RFC 4108
Identification Friend or Foe (IFF)

1 2 Does your system require military IFF capabilities? Does your system require military civil FAA IFF capabilities? DoD AIMS 97-900 ICAO Annex 10: Vol. III, ICAO Annex 10: Vol. I, ICAO Annex 10 Aeronautical Telecommunications: Volume V, ICAO Annex 10: Vol. II, ICAO Annex 10: Vol. IV RTCA DO-185A, ARINC 735A-1 RTCA DO-242A
3 4
Does your system require traffic alert and collision avoidance? Does your system require automatic dependent surveillance (broadcast)? Does your system implement, for either tactical information exchange, weapons employment decisions, or tactical/strategic situational awareness graphical display, entity identifications?
STANAG 1241, Ed 5
Information System Security Management

1 2 Has your system defined a Protection Profile? Does your system require the User-based Security Model (USM) for Simple Network Management Protocol (SNMP) version 3 for use in the SNMP architecture which defines the Elements of Procedure for providing SNMP message level security? Does your implementation require Type-1 encryption over an IP-based environment? ISO/IEC 15408 IETF RFC 3414
HAIPE IS v3.0.2
UNCLASSIFIED
Page 22 of 54
4 Does your system implement a Public Key Infrastructure (PKI)? Does your system require Key Management in an IP environment? Will your system use IPsec? IETF RFC 3585
IETF RFC 3566, IETF RFC 3686, IETF RFC 3602 IETF RFC 3526, IETF RFC 3664
Will your system require the use of Internet Key Exchange (IKE)? Does the system require secure DNS transactions? Will your system provide secure communications required for real-time applications such as VoIP? Does your system require a secure network management protocol?
7 8
IETF RFC 3645 IEEE Std 802.1AE
IETF RFC 5592, IETF RFC 5591, IETF RFC 5590
Internationalization Services
1 Does your system exchange data internationally? ISO/IEC 10646:2003, ISO/IEC 8859-1
IPv6 Capable Product Class Profiles

1 Are you building an IPv6 capable system? IETF RFC 4291, IETF RFC 3590, IETF RFC 4861, IETF RFC 4443, IETF RFC 4193, IETF RFC 4007 , IETF RFC 2460, IETF RFC 4862, IETF RFC 2710 IETF RFC 4862
Please refer to Section 2.1 of the IPv6 Product Profiles v3.0 for an explanation of the autoconfiguration requirements. For a valid IPv6 Capable profile, you MUST answer yes to either or both of the next two questions. Will the system include Stateless Address Autoconfiguration as described in RFC 2462 or RFC 4862? Will the system include DHCPv6 Client Side for discovering its own unique IPv6 interface address(es)? Do you use DHCPv6 and need to delegate IPv6 prefixes? Do you plan to expand the Neighbor Discovery Protocol Flag Options? Does your system include any Ethernet interfaces? Will you be sending IPv6 packets over Point-to-Point Protocol (PPP)? Will you be sending IPv6 Packets over IEEE 802.15.4 Networks?
IETF RFC 3315
4 5
6 7
IETF RFC 4944, IETF RFC 5172
UNCLASSIFIED
Page 23 of 54
9 Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. Does the system fit the definition of a Host/Workstation? IETF RFC 3810, IETF RFC 2711, IETF RFC 3596, IETF RFC 4305, IETF RFC 4306, IETF RFC 3484, IETF RFC 4307, IETF RFC 4303, IETF RFC 4301, IETF RFC 4308, IETF RFC 1981 IETF RFC 4302
10
In addition to the mandatory parts of the IPsec Profile, it is recommended that a Host/Workstation support the Authentication Header (AH). Will this system support AH? Host/Workstation products SHOULD+ support Privacy Extensions (RFC 4941) and when deployed on some networks, the network policy mandates support for Privacy Extensions when using SLAAC. Will this system support Privacy Extensions? Dual Stack operation enables interoperability with IPv4-only systems. Will this system be deployed where IPv4 interoperability is required? Will this system be deployed as a MIPv6 Mobile Node?
11
IETF RFC 4941
12
IETF RFC 4213
13
14
MIPv6 Mobile Nodes SHOULD+ support Network Access Identifier (RFC 4282) and the Mobile Node Identifier Option (RFC 4283). Will this system support these options? A system that will be deployed where it will operate with MIPv6 Mobile Nodes SHOULD support Route Optimization as defined in RFC 3775. Will this system support Route Optimization as a correspondent node? Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. Does the system fit the definition of an Advanced Server?
15
IETF RFC 3775
16
IETF RFC 4306, IETF RFC 3596, IETF RFC 3810, IETF RFC 4301, IETF RFC 4308, IETF RFC 4303, IETF RFC 2711, IETF RFC 4305, IETF RFC 3484, IETF RFC 1981, IETF RFC 4307 IETF RFC 4302
17
In addition to the mandatory parts of the IPsec Profile, it is recommended that an Advanced Server support the Authentication Header (AH). Will this system support AH? Does the deployment of this system require use of Privacy Extensions (RFC 4941) when using SLAAC? Will this system be deployed where IPv4 interoperability is required? Will this system be deployed where it will operate with MIPv6 Mobile Nodes?
18
IETF RFC 4941
19
IETF RFC 4213
20
IETF RFC 3775
UNCLASSIFIED
Page 24 of 54
21 Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. Does the system fit the definition of a Router? IETF RFC 3411, IETF RFC 3596, IETF RFC 4302, IETF RFC 4305, IETF RFC 4308, IETF RFC 4301, IETF RFC 4303, IETF RFC 4307, IETF RFC 2711, IETF RFC 2784, IETF RFC 1981, IETF RFC 4306, IETF RFC 2474, IETF RFC 3484, IETF RFC 3810, IETF RFC 4213, IETF RFC 2473 IETF RFC 3775, IETF RFC 3776, IETF RFC 4877 IETF RFC 4283, IETF RFC 4282
22
Will this system be deployed as a "Home Agent Router" in a MIPv6 configuration? MIPv6 Home Agent Routers SHOULD+ support Network Access Identifier (RFC 4282) and the Mobile Node Identifier Option (RFC 4283). Will this system support these options? Will this system be deployed as a Mobile Router in a NEMO configuration? Will this system be deployed as an Interior Router in the network core? Interior Routers SHOULD+ support Authentication/Confidentiality for OSPFv3. Will this system support this? Will this system be deployed as an Interior Router in the network core using IS-IS Protocol? Interior Routers using IS-IS Protocol requiring Cryptographic Authentication for IS-IS. Will this system support this? Will this system be deployed as an Exterior Router (BGP Gateway) between routing systems? Routers to be deployed in an Integrated Services (IntServe) architecture SHOULD+ support RSVP-based QoS. Will this system be providing RSVP-based QoS? Will this system support Aggregation of RSVP for IPv4 and IPv6 Reservations? Will the intended deployment of this Router require Protocol Independent Multicast? Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. Does the system fit the definition of a L3 Switch? Will this system be deployed as an exterior system node with routing functions to interface with routers at edge of a switching network? Will the L3 Switch be used as an Interior Router supporting OSPFv3?
23
24
25
26
IETF RFC 4552
27
IETF RFC 5308
28
29
IETF RFC 4271, IETF RFC 2545, IETF RFC 1772, IETF RFC 4760 IETF RFC 2205, IETF RFC 2207, IETF RFC 2210, IETF RFC 2750
30
31
IETF RFC 3175
32
IETF RFC 4601
33
IETF RFC 1981
34
IETF RFC 1772, IETF RFC 2545, IETF RFC 4271, IETF RFC 4760
35
UNCLASSIFIED
Page 25 of 54
36 L3 Switch used as Interior Router using OSPFv3 Must support Authentication/Confidentiality for OSPFv3. Will this system support this? Will the L3 Switch be used as an Interior Router in the network core using IS-IS Protocol? L3 Switch used as Interior Routers using IS-IS Protocol requiring Cryptographic Authentication for IS-IS. Will this system support this? Is this system a "managed switch", i.e. one that will be managed from a network management system using SNMP? Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. Does the system fit the definition of an IA Device? In addition to the mandatory parts of the IPsec Profile, it is recommended that an IA Device support the Authentication Header (AH). Will this system support AH? Will this system be deployed as an Inline Encryptor (INE) or a VPN Server, or will its deployment require IPsec secured connections with other devices? Will this system be configured to distribute IP Security Policy information to other devices? Do you need additional information on how to develop an IP Security Policy (IPSP) configuration and management framework (If the answer is Yes, you should include IETF RFC 3586 as part of your Information Guidance profile)? Will this system be deployed as a Radius server? Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. Does the system fit the definition of a Network Appliance? Minimum requirements for Network Appliance include the Base Requirements only, however it is recommended that a Network Appliance support as much of the Host/Workstation Product Class profile as possible, and strongly recommended that a Network Appliance support the IPsec Functional Requirements defined in Section 2.2. Will this system meet the Host/Workstation requirements in entirety? Will this Network Appliance support Multicast Listener Discovery, version 2 (RFC 3810)? Will this Network Appliance support Path MTU Discovery (RFC 1981)? IETF RFC 4301, IETF RFC 2711, IETF RFC 1981, IETF RFC 3596, IETF RFC 3810, IETF RFC 4306, IETF RFC 3484, IETF RFC 4308, IETF RFC 4303, IETF RFC 4307, IETF RFC 4835 IETF RFC 3162 IETF RFC 4552
37
IETF RFC 5308
38
39
IETF RFC 3411
40
41
IETF RFC 4302
42
43
IETF RFC 3585
44
45 46
47
48
49
IETF RFC 1981
UNCLASSIFIED
Page 26 of 54
50 Will this Network Appliance support DNS Extensions for IPv6 (RFC 3596)? Will this Network Appliance support Default Address Selection for IPv6 (RFC 3484)? Will this Network Appliance support IPsec? IETF RFC 3596
51
IETF RFC 3484
52
IETF RFC 4835, IETF RFC 4307, IETF RFC 4303, IETF RFC 4306, IETF RFC 4308, IETF RFC 4301 IETF RFC 4302
53
In addition to the mandatory parts of the IPsec Profile, it is recommended that a Network Appliance with IPsec also support the Authentication Header (AH). Will this Network Appliance support AH? Will this Network Appliance support Privacy Extensions (RFC 4941)? Please refer to the Product Class definitions in Section 1.6 of the DoD IPv6 Product Profiles for IPv6 Capable Products Version 3.0. The only remaining choice for an IPv6 Product Class is Simple Server. If your product does not fit the definition of a Simple Server, review the Product Profiles to identify an appropriate Product Class and restart this questionnaire. Does the system fit the definition of a Simple Sever? Minimum requirements for a Simple Server include the Base Requirements only, however it is recommended that a Simple Server support as much of the Advanced Server Product Class profile as possible, and it is strongly recommended that a Simple Server support the IPsec Functional Requirements defined in Section 2.2. Will this system meet the Advanced Server requirements in entirety? Will this Simple Server support Multicast Listener Discovery, version 2 (RFC 3810)? Will this Simple Server support Path MTU Discovery (RFC 1981)? Will this Simple Server support DNS Extensions for IPv6 (RFC 3596)? Will this Simple Server support Default Address Selection for IPv6 (RFC 3484)? Will this Simple Server support IPsec?
54
IETF RFC 4941
55
56
IETF RFC 3810, IETF RFC 4307, IETF RFC 3596, IETF RFC 2711, IETF RFC 4306, IETF RFC 4835, IETF RFC 4308, IETF RFC 4301, IETF RFC 4303, IETF RFC 3484, IETF RFC 1981
57
58
IETF RFC 1981
59
IETF RFC 3596
60
IETF RFC 3484
61
IETF RFC 4835, IETF RFC 4308, IETF RFC 4301, IETF RFC 4303, IETF RFC 4307, IETF RFC 4306 IETF RFC 4302
62
In addition to the mandatory parts of the IPsec Profile, it is recommended that a Simple Server with IPsec also support the Authentication Header (AH). Will this system support AH?
UNCLASSIFIED
Page 27 of 54
63 Will this Simple Server support Privacy Extensions (RFC 4941)? Do you need to operate Mobile IPv6 over both IPv6 and IPv4 networks? Do you require the use of Mobile IPv6 and plan to use real time services such as VoIP? IETF RFC 4941
64
IETF RFC 5555
65
IETF RFC 5568
Landing Aids
1 Is your system an Aviation vehicle requiring access to the civil air space with landing aid capabilities? Will your system require only a military Air Worthiness Certification for landing aids versus an FAA certification (A negative response implies an FAA certification or both will be required.)? Does your Aviation system require GPS landing aids? RTCA DO-246C, STANAG 4392, RTCA DO-253A
Learning Technologies
1 Will your system provide an integrated environment for education, training, and decision support? Will your system be providing online learning or will your system be used for training the warfighter and support personnel? IEEE 1484.11.1-2004, IEEE 1484.1-2003
SCORM
Medical Services
1 Does your CS Medical System use EDI for the exchange of messages containing medical data? Does the system use EDI for the exchange of Healthcare Administrative or Business Transactions? ANSI/HL7 V2.4-2000
ASC X12N 835:2006, ASC X12N 834:2006, ASC X12N 837 (Professional):2006, ANSI/HL7 V2.5.1, ASC X12N 270/271:2008, ASC X12N 837 (Dental):2007, ASC X12N 837 (Institutional):2007, ASC X12N 278:2008, ASC X12N 276/277:2008, ASC X12N 820:2007 NCPDP Batch v1.2, NCPDP v. D.0 DICOM:2008, DICOM:2006
3 4
Does the system use EDI for retail pharmacy transactions? Does your Medical System need to format, store, and/or exchange medical images and associated information? Does the system exchange data that supports patient care and the management, delivery and evaluation of healthcare services?
HL7 V3.0
UNCLASSIFIED
Page 28 of 54
Military Messaging
1 Does your system require the exchange of Tactical Digital Link (TADIL) bit-oriented messages? Does your system exchange TADIL-J (Link 16) messages or communicate with JTIDS/MIDS radio? Is your system required to exchange Link-16 information over long haul media? Does your system require Variable Message Format (VMF) data exchange? Do you exchange tactical data link (TDL) messages in a NATO environment? Does your system integrate and provide a TDL forwarding/gateway functionality? Does your system integrate and provide a TDL gateway/forwarding functionality for Link 22? MIL-STD-6016D, IBS TIDP, STANAG 4175 Ed.3 MIL-STD-3011
MIL-STD-6017A
STANAG 5522 ed 1
MIL-STD-6020A
STANAG 5616, Volumes II, and III, Edition 3, STANAG 5616, Volumes II, and III, Edition 4. MIL-STD-6011C SLP-MSG-210
8 9
Does your system require Link 11 data exchange? Does your system use the Sensor Link Protocol (SLP) message set to implement a common digital data exchange mechanism? Is your system used for transferring (though not processing) binary floating-point data? Does the system interface with the Defense Messaging System (DMS)? Does your system require the exchange of character-based messages?
10
ANSI/IEEE 754
11
ITU-T Rec. X.411
12
MIL-STD-6040B
Modeling and Simulation

1 2 3 Do your developers employ Activity Modeling? Do your developers employ Data Modeling? Do your developers use XML DTDs to exchange UML information? Does your system implement the High-level Architecture (HLA)? IEEE 1320.1 IEEE 1320.2 XMI-ax, OMG XMI v2.1.1
IEEE 1516.2, IEEE 1516, IEEE 1516.1
UNCLASSIFIED
Page 29 of 54
5 Are you required to develop a high-level framework for the development and execution of a HLA Federation or are you required to develop a conceptional model? Is your system part of the Weapon Systems domain? Does your system use HLA and/or DIS? Does DIS enable multi-user access and participation and for live interaction between remote sites, does DIS drive (stimulate) other resources from simulations? IEEE 1516.3
6 7 8
CIOTE NAS Pt. 1, v2.0, SISO-STD-002-2006 IEEE 1278.2-1995, IEEE 1278.3-1996, IEEE 1278.1A-1998, IEEE 1278.4-1997, IEEE 1278.1-1995
Multimedia Processing
1 Does your design capability involve interactive audiovisual presentation technology or streaming media such as audio streaming or video streaming? Does your system require Internetworking between Session Initiation Protocol (SIP) and Bearer Independent Call Control Protocol or ISDN User Part? Does your system require Session Initiation Protocol (SIP) in the Authenticated Identity Body (AIB) format? Does your system require ISDN to pass the signaling messages between the router and the ISDN switch at the local Central Office (CO)? Does your system require SDP routing for SAP, SIP, or RTSP use? Does your system require a description to perform the mapping between two signaling protocols: the Session Initiation Protocol (SIP) and the Integrated Services Digital Network (ISDN) User Part (ISUP) of Signaling System No. 7 (SS7)? Does your system require ISDN to pass the signaling messages between the router and the ISDN switch at the local CO with Call control and Management? SMIL 2.0
ITU-T Rec. Q.1912.5
IETF RFC 3893
ITU-T Rec. Q.921, September 1997
IETF RFC 3890
IETF RFC 3398
ITU-T Rec. Q.931, May 1998
Network Technologies
1 Does your network contain host system implementations of the Internet Protocol (IP) suite? Does your network support e-mail? Does your network support typical X.400-based messaging? ACP 123A:2001 IETF Standard 3/RFC 1122/RFC 1123
2 3
UNCLASSIFIED
Page 30 of 54
4 Does your network require medium-assurance messaging services using SMTP? IETF RFC 2231, IETF RFC 2821, IETF RFCs 2045-2049, IETF RFC 3023, IETF RFC 1870, IETF RFC 2822 ITU-T X.500:2001
Does your network require directory services for the location of users and resources on the network? Does your network require a Domain Name Service for host name/IP address resolution for IPv4 & IPv6?
IETF RFC 2136, IETF RFC 1995, IETF Standard 13/RFC 1034/RFC 1035, IETF RFC 1996 IETF Standard 9/RFC 959 IETF RFC 2428 IETF RFC 3673, IETF RFC 3377
7 8 9
Does your network require an ftp facility for IPv4 & IPv6? Does your network require an ftp facility for IPv6? Does your network require Lightweight Directory Access Protocol Version 3? Will you be requiring Mobile Cellular? Does your network require time synchronization? Does your network connect to the Internet? Does your network use the syntax of URLs and URIs for IPv4 and IPv6? Does your system support connectionless data transfer? Does your system require use of the Transmission Control Protocol (TCP)? Does your system require use of the Internet Protocol (IP) for IPv4? Does your system require use of the Internet Protocol (IP) for IPv6?
10 11 12 13
ITU-R M.1457-7:2007, IETF RFC 3963 IETF RFC 1305 IETF RFC 2616 IETF RFC 1738, IETF Standard 66/RFC 3986 MIL-STD-2045-47001D(1) IETF Standard 7/RFC 793, IETF RFC 2581 IETF RFC 3344, IETF RFC 2794, IETF Standard 5 IETF RFC 3544, IETF RFC 4007 , IETF RFC 4213, IETF RFC 2508, IETF RFC 3173, IETF RFC 3595, IETF RFC 3162, IETF RFC 3697, IETF RFC 1981, IETF RFC 2492, IETF RFC 2507, IETF RFC 2473, IETF RFC 2460, IETF RFC 3596 IETF RFC 2126
14 15
16
17
18
Does your system require Open System Interconnection (OSI) applications to operate over IP-based networks using IPv4 and IPv6? Can your Internet-based environment be classified as a "stressed" communications environment?
19
CCSDS 717.0-B-1/ISO 15894:2000, CCSDS 713.0-B-1/ISO 15891:2000, CCSDS 713.5-B-1/ISO 15892:2000 af-phy-0170.000
20
Do your subnets require Asynchronous Transfer Mode (ATM) services?
UNCLASSIFIED
Page 31 of 54
21 Does your system include an Integrated Services Digital Network (ISDN)? Is signaling at the user/network interface required? Is signaling at the node-to-node interface required? Is there signaling layer Interface between a PBX-1 and a DSN Switch via T1 or the Signaling Layer Interface between a Customer IST and a DRSN Voice Switch? Does your system require Synchronous Optical Network Transmission (SONET) Facilities? ANSI T1.603-1990 (R2000)
22 23 24
ANSI T1.619a-1994, ANSI T1.619 ATIS 1000111.2005, ATIS 1000112.2005 ITU-T Q.955.3
25
ANSI T1.105-2001, ATIS-PP0900101.2006, ANSI T1.105.06-2002, ANSI T1.107-2002 IETF RFC 2615
26
Will your system generate IP Datagrams for transport over SONET or will your system require IP encapsulation for SONET transport? Does your SONET/SDH system need automatic, dynamic bandwidth allocation? Will your system be supporting Voice over IP?
27
ITU-T G.7042/Y.1305 (March 2006)
28
IETF RFC 3265, IETF RFC 3264, IETF RFC 3261, IETF RFC 3550 IEEE 802.11-2007
29
Will your system provide an interface to or support the transport services of a wireless local area network? Do you need wireless access in remote areas where other technologies may not be available? Does your subnets require LAN technology for joint interoperability using IPv6? Does your system require routing and interoperability between subnetworks? Are routers used to interconnect subnetworks and/or endsystems for IPv4?
30
IEEE 802.16-2004
31
IETF RFC 2464
32
33
IETF Standard 7/RFC 793, IETF Standard 6/RFC 768, IETF RFC 3396, IETF Standard 13/RFC 1034/RFC 1035, IETF RFC 1812, IETF RFC 2131, IETF RFC 2132 IETF Standard 54/RFC 2328
34
Are IP routers used for interior routing (within the system) for IPv4? Does your organization employ IPv4 Private-Use Network addressing [IETF RFC1918]? Are IP routers used for exterior routing (external to the system) for IPv4 & IPv6? Are IP routers used for exterior routing (external to the system) for IPv6?
35
IETF RFC 4193
36
IETF RFC 1772
37
IETF RFC 2545
UNCLASSIFIED
Page 32 of 54
38 Do you need to specify the requirements for an IP SCIP endpoint developer or do you need to specify the requirements for an IP device that provides access for a SCIP endpoint located on a different type of network (non-IP)? Are IP routers used for interior routing (within the system) for IPv6? Does your system include a Combat Net Radio subnet? Do your subnets require LAN technology for joint interoperability using IPv4? Do your subnets require LAN technology for joint interoperability? Do your subnets require full duplex, synchronous or asynchronous, point-to-point communications? SCIP 215 Rev 2.0
39
IETF RFC 2740
40 41
MIL-STD-188-220D(1) IETF Standard 37/RFC 826, IETF Standard 41/RFC 894 IEEE 802.3-2005
42
43
IETF RFC 1994, IETF RFC 1989, IETF RFC 1990, IETF RFC 1332, IETF RFC 1570, IETF Standard 51/RFC 1661/RFC 1662 IETF RFC 3711
44
Do your IPv6 subnets require full duplex, synchronous or asynchronous, point-to-point communications? Do your subnets require a serial line interface?
45
TIA/EIA 232-F, TIA/EIA 530-A, IETF RFC 3241 IETF RFC 4798
46
Do you have IPv6 networks that need to be connected via an IPv4 MPLS network? Is this a mobile node or a router providing Home Agent capabilities or do you require Mobile Ipv6 operation with IKEv2 and the revised IPsec Architecture? Does your system use Generic Routing Encapsulation? Does your network require support for robust header compression for RTP/UDP/IP, UDP/IP and ESP/IP headers? Will your system generate IP Datagrams for transport over ATM or require IP encapsulation for ATM transport? Will your system require any electrical interfaces between 1.544Mb/s to 44.736Mb/s.? Will your system require T1.5 or 2 Mb/s interfaces multiplexed to a DS-3 rate? Does your system use a Management Information Base (MIB) for managed objects, residing in a virtual information store? Are you managing IP tunnels via SNMP MIBS? Are you currently using IETF RFC 2667?
47
IETF RFC 4877
48 49
IETF RFC 2784 IETF RFC 3095, IETF RFC 5225
50
IETF RFC 2684
51
ITU-T G.704
52
ITU-T G.732
53
IETF Standard 58/IETF RFC-2578, April 1999. IETF RFC 4087
54
UNCLASSIFIED
Page 33 of 54
55 Does your system support the Simple Network Management Protocol (SNMP) version 2? Does your network manage TCP transport policy via SNMP? Does your network manage UDP transport QOS and policy via SNMP? Is the network layer interface between a customer VTU and a DVS node via an ISDN connection? Will your network system need to support rapid deployment to new Internet attachment points? Does your system require terminations for optical signals for single channel, SONET/SDH type formatted signals? Will you be managing SONET/SDH interfaces on the GIG? Will your system be managing Optical Interfaces associated with Wavelength Division Multiplexing Systems on the GIG? Does your system have to interoperate with the DISN Core upgrade? Does your system require ISDN Service? IETF Standard 62/IETF RFC 3416
56 57
58
ITU-T Rec Q.932
59
IETF RFC 3963
60
ATIS 0900105.02-2007
61 62
63
ITU-T G.703, ITU-T Rec. G.691 (03/2006), ITU-T Rec. G.957 (03/2006) ANSI T1.113:2000, ANSI T1.605-1991 (R2004), ANSI T1.607-2000 (R2004), ANSI T1.602-1996 (R2004), ANSI T1.6011999 (R2004), ANSI T1.403.01-1999, ANSI T1.610-1998 (R2003), ANSI T1.114:2000 IETF RFC 5244, IETF RFC 4734, IETF RFC 4308, IETF RFC 4733
64
65
Does your networking environment require IPSec functionality across a broad range of network vendors and implementations? Does your networking environment require advanced services such as AAA authentication or dynamic allocation of network parameters when nodes enter a network? Would your wireless IP network infrastructure benefit from reduction of network overhead resulting from reduced packet header size in network traffic? Does your network environment require secure key management and exchange? Does your network include a variety of IPv6 address types, mobile or multi-homed nodes, privacy addressing, or global IPv6 prefixes? Does your networking environment require integration of your network with other autonomous networks or existing internetworks?
66
67
IETF RFC 4362
68
IETF RFC 4109
69
IETF RFC 3484
70
IETF RFC 4271
UNCLASSIFIED
Page 34 of 54
71 Does your network equipment require IPv6 addressing and connectivity or does your network tie together multiple small network domains into a hierarchal internet system or does your network environment include multiple vendors and networking levels? Does your network equipment require IPv6 connectivity or does your network environment include multiple vendors and networking levels or does your networking requirements mandate readily-available testing and troubleshooting tools? Do your subnets require ATM services for the Physical Layer? IETF RFC 4291
72
IETF RFC 4443
73
af-phy-0133.000, af-phy-0046.000, af-phy0086.001, af-phy-0015.000, af-phy0016.000, af-phy-0043.000, af-phy0064.000, af-phy-0054.000 ANSI T1.102-1993 (R2005), ITU-T Q.735.3
74
Does your system require a physical layer interface between a PBX-1or PBX-2 and a DSN switch via T1? Is there a physical layer interface between an ISDN-capable device and a DSN switch via a PRI or BRI circuit or is physical layer interface between a customer VTU and a DSV node via an ISDN connection? Is there physical layer interface between a Customer ATM Switch and a DATMS-C ATM Switch via ATM? Do your subnets require ATM services for the User-to-NetworkInterface? Do your subnets require ATM services for Layer Management Capabilities? Do your subnets require ATM services for Traffic Management Functions? Do your subnets require ATM services for Circuit Emulation Functions? Do your subnets require ATM services for AAL1 and AAL5 Functions? Do your subnets require ATM services for Private Network-toNetwork Interfaces? Will your subnets require ATM services for trucking using AAL2? Will your subnets use the ATM security framework? Do you need to interconnect ATM networks with MPLS networks?
75
ITU-T Rec I.430, ITU-T I.431 (1993)
76
ANSI T1.416.01-1999, ANSI T1.416.042005, ANSI T1.416.02-1999 af-sig-0061.000, af-sig-0076.000
77
78
af-ilmi-0065.000
79
af-tm-0121.000
80
af-vtoa-0078.000
81
ITU-T I.363.1, ITU-T I.363.5
82
af-pnni-0066.000, af-ra-0123.000, af-pnni0055.000 af-vtoa-0113.000
83
84 85
af-sec-0100.002 af-aic-0178-001
UNCLASSIFIED
Page 35 of 54
86 Is there data link layer interface between a customer ATM switch and A DATUMS-U ATM switch via ATM or what is the data link layer interface between a customer ATM switch and a DATMS-C ATM switch via ATM? Do you require very precise time synchronization using your existing Ethernet network? Do you want to control what access a network device has if it is plugged into any network port on a network switch, or do you want to control which wireless devices get access to the network through a wireless access point? Is network addressing scaled beyond the limits of the class B address space? Does the system comprise a fully meshed site to site VPN that must scale to the order of 100 or more VPN end points? Does your system profile use Border gateway protocol or does your network topology support less than a full mesh topology or does your network topology BGP communities or is it possible that a BGP speaker in the network may send an unrecognized BGP option? Is the DDDS used to implement lazy bindings of strings to data, in order to support dynamically configured delegation systems? Is the multicast inter-domain routing environment in question, subject to NCID or is it necessary to support multicast to or from within the local routing domain? Do you plan to use multicast or do you need to discover neighboring nodes? Are you planning to implement SNMP based management for IP? Are you planning to implement IPv6 mobility and use SNMP based network management? Does the application use Stateless Address Configuration, and would it benefit from reduced latency, as well as enhanced recovery from address collisions? Does a backbone network or intranet need to be protected against attacks on routing protocols? Would your IP mobility or multihoming deployments benefit from more efficient and automatic maintenance of Security Associations while mobile nodes moved around the network? Are multiple network layers (IPv4 and IPv6 for example) operating in the same network ? ITU-T Rec I.361
87
IEEE 1588-2002
88
IEEE 802.1X:2004
89
IETF RFC 1519
90
IETF RFC 2332
91
92
IETF RFC 3761
93
IETF RFC 3956
94
IETF RFC 2710
95
96
IETF RFC 4295
97
IETF RFC 4429
98
IETF RFC 4552
99
IETF RFC 4555
100
IETF RFC 4760
UNCLASSIFIED
Page 36 of 54
101 Do you have local area internet segments that are remotely monitored from an ops center via a data network or enough network assets on these remote segments that monitoring them individually would adversely load the communications infrastructure? Does the deployment require header compression to conserve bandwidth? Does your system provide resource priority service in which the higher priority calls are permitted to preempt and use resources of other equal or lower precedence call requests in the digital IP based networks? Does your system use Local Session Controllers(LSCs), Assured Real Time Services (ARTS) Softswitches(SS), or Edge Boundary Controllers (EBCs)? Does your system provide resource priority service in which the higher priority calls are permitted to preempt and use resources of other equal or lower precedence call requests in the digital IP based networks or does your system use Local Session Control? Do you plan to build a low rate wireless personal area network or do you require low rate, low power, radio transceiver or sensors? Do you anticipate needing capabilities dependent on Directory Services-based Quality of Service guarantees or acquiring network or transport infrastructure equipment that require use of Directory Services based Quality of Service capabilities? Does your LSC or ARTS SS or EBC support AS-SIP? Does your LSC or ARTS SS generate and process the audio and video media feature tags? Does your system require the use of the URI scheme tel", which describes resources identified by telephone numbers or does your system require the use of a telephone number as: (1) the address-of-record or identifier, or (2) a "dial string? Does your system require an IANA registry specification to list and standardize tel URI parameters and values or does your system require interoperability between independent and/or dissimilar tel URI implementations? Does your system use Session Initiation Protocol (SIP) for interactive communications; if so, is additional privacy beyond that which the SIP user Agent can supply required? Will the Land Mobile Radio (LMR) system use routers to interconnect subnetworks and/or end-systems for IPv4? IETF RFC 4502
102
IETF RFC 4996, IETF RFC 4995, IETF RFC 4815 IETF RFC 3590
103
104
IETF RFC 4412
105
IEEE STD 802.15.4-2006
106
IETF RFC 4104
107 108
109
IETF RFC 3966
110
IETF RFC 5341
111
112
IETF RFC 3011
UNCLASSIFIED
Page 37 of 54
Object
1 Does your system support Distributed Object Computing (CORBA compliance)? Does your system allow internetworking among distributed objects? Will an Event Service be implemented? Will a Transaction Service be implemented? Will a Time Service be implemented? Will a Trading Object Service be implemented? Will a Notification Service be implemented? Will you be implementing a data distribution infrastructure using a distributed object model via CORBA and do you require a service that provides a basic building block on which higher-level services impose the conventions and semantics which determine how frameworks of application and facilities objects locate other objects? OMG document formal/02-06-01
3 4 5 6 7 8
OMG formal/04-10-02 OMG formal/03-09-02 OMG formal/02-05-06 OMG document formal/00-06-27 OMG document formal/00-06-20 OMG formal/04-10-03
Operating System Services

1 2 3 Does your system use a POSIX based Operating System? Does your Operating System run Win32 applications? Will you utilize a real time or embedded POSIX operating system? Does your Operating System run (or intend to run) Linuxbased applications? Does your Operating System run UNIX -based applications? ISO/IEC 14519, ISO/IEC 9945:2009 Win32 APIs-Current IEEE 1003.13-2003
Linux 3.1, Linux 3.1 PPC32, Linux 3.1 IA32
UNIX Version 3
Optical Digital Technologies

1 2 Will your system require WDM, long haul, optical interfaces? Will your system require dense WDM (DWDM) optical interfaces? Will your system interface with SDH networks? Does your system require SDH linear or ring protection schemes? ITU-T G.692 ITU-T G.694.1
3 4
ITU-T G.707/Y.1322:2007 ITU-T G.841
UNCLASSIFIED
Page 38 of 54
5 Will your system require 10 Gb/s or 40 Gb/s short haul (0.6 Km to 2 Km) optical interfaces? Will your system interface with multiple vendors or a service provider with OTN G.709 interfaces at rates of 2.5G, 10G, and 40Gb/s? Does your system provide transport of or interfaces to FICON/ESCON, GigE or ITU-T G.709? Does your SONET/SDH system need automatic, dynamic bandwidth allocation? Do you require UNI signaling to create and delete connections on-demand or do you need to establish SONET/SDH, OTN, and Ethernet connections ? ITU-T Rec. G.693 (05/2006)
ITU-T G.709/Y.1331
ITU-T G.7041/Y.1303:2008
ITU-T G.7042/Y.1305 (March 2006)
OIF-UNI-02.0-Common
Platform Communications Services

1 Does your system require official organizational-messaging traffic between DoD organizations? IETF RFC 2822, IETF RFCs 2045-2049, IETF RFC 2231, IETF RFC 2821, IETF RFC 3023, IETF RFC 1870, ACP 123A:2001 IETF RFC 1996, IETF RFC 1995, IETF RFC 2136, IETF Standard 13/RFC 1034/RFC 1035 ITU-T X.500:2001
Does your network require a Domain Name Service for host name/IP address resolution?
Does your network require directory services for the location of users and resources on the network? Does your network require Lightweight Directory Access Protocol Version 3? Is your system a router and will it be internal to the GIG-BE network? Will your system need to exchange link, and node topology information with other GIG BE Provider routers or will your system forward IP Datagrams internal to the GIG BE network or will your system interface to GIG BE Provider routers? Does your system require an intra-system routing protocol? Will your system interface to the GIG-BE as an autonomous system and switch MPLS packets or will your system run BGP with the GIG-BE border router and switch MPLS packets? Does your system require a User-to-Network (UNI) signaling interface to the GIG-BE network? Will your system be used as a label switched router in the GIGBE or will your system signal over a UNI interface to the GIGBE a request for precedence services?
IETF RFC 3032
IETF RFC 1195
7 8
ISO/IEC 10589 IETF RFC 3107
OIF-UNI-01.0-R2-Common
10
IETF RFC 3209
UNCLASSIFIED
Page 39 of 54
11 Does your system require the file format, known as LDIF, for LDAP Data Interchange Format? Does your system use Session Initiation Protocol (SIP) for interactive communications? Will your system be utilizing messaging over an IP-based network? Will your system exchange routing information with GIGBE border routers using BGP? Do you use multicast services or do you expect the GIG BE to transport multicast packets to the multicast rendezvous point or does your network create shortest-path trees per source? IETF RFC 2849
12
IETF RFC 3326
13
IETF RFC 3262
14
IETF RFC 2385
15
IETF RFC 4601
Product Data Interchange

1 Does your Combat Support system require product data interchange between CAD/CAM systems? ISO 10303-22:1998, ISO 10303-105:1996, ISO 10303-31, ISO 10303-32, ISO 10303224:2001, ISO 10303-21:2002, ISO 10303203:1994, ISO 10303-202, ISO 1030342:2003 w/Cor 1:2007, ISO 1030311:2004, ISO 10303-43:2000, ISO 103031, ISO 10303-101:1999, ISO/TR 1030312, ISO/IEC 13584-42, ISO 1030311:2004, ISO 10303-42:2003 w/Cor 1:2007, ISO 10303-201, ISO 1030344:2000, ISO 10303-45, ISO 10303-46, ISO 10303-47, ISO 10303-49, ISO/IEC 13584-20, ISO 10303-41:2000 CCDM/CCDF Traffic 4.2
Does the system process, store, transmit or receive cryptology or cryptology related data? Are you providing SIGINT reporting?
USSID SG5302, (U) USSID CR1500, (U) USSID DA3611, USSID DA3620, USSID CR1400, (U) USSID CR1501, USSID AP2405, USSID SG5301, USSID CR1551 NCS Version 3.1 ANSI/AIM-BC1
4 5
Does the system use facility CAD applications? Does your Combat Support system require the use of bar codes?
UNCLASSIFIED
Page 40 of 54
6 Does your Combat Support System exchange product model data for ship building? ISO 10303-210, ISO 10303-203:1994, ISO 10303-204, ISO 10303-207, ISO 10303-32, ISO 10303-201, ISO 1030311:2004, ISO 10303-31, ISO 10303224:2001, ISO 10303-225, ISO 10303202, ISO 10303-214, ISO 10303-21:2002, ISO 10303-101:1999, ISO 10303-44:2000, ISO 10303-46, ISO 10303-47, ISO 1030322:1998, ISO/TR 10303-12, ISO 10303209, ISO 10303-42:2003 w/Cor 1:2007, ISO 10303-43:2000, ISO 10303-41:2000, ISO 10303-1, ISO 10303-105:1996, ISO 10303-45, ISO 10303-49 IFC 2x2
Will the system use Building Information Models (BIM) as defined in the Real Property Acceptance policy guidance? Does the Navy require ship or facility product model technical data for my system to do design certification or lifecycle support or does the Navy need technical data on the piping, HVAC, cable trays, or mechanical subsystems in my system to do engineering? Does the Navy require ship product model technical data for my system to do design certification or lifecycle support or does the Navy need compartmentation data on my system to do vulnerability analysis or flooding and casualty control? Does the Navy require ship product model technical data for my system to do design certification or lifecycle support or does the Navy need hull form information to do stability, hydrodynamic, hydristatic, wake, efficiency, or other analysis? Does the Navy require ship product model technical data for my system to do design certification or lifecycle support or does the Navy need ship product model data on plate/beam/stiffener structure to do repairs, modifications, radar cross section analysis?
ISO 10303-227:2005, ISO/AP 10303212:2001
ISO 10303 Application Protocol 215:2004
10
11
Radio Communications
1 Does your radio subsystem operate in the Low Frequency (LF)/Very Low Frequency (VLF) frequency bands? Does your Automatic Link Establishment (ALE) or radio subsystem operate in the High Frequency (HF) bands? Does your system require anti-jamming capabilities for HF radio equipment? Does your system require HF data modem interfaces? Is your system fielded in an aviation vehicle? MIL-STD-188-140A
MIL-STD-188-141B
MIL-STD-188-148A
4 5
MIL-STD-188-110B ARINC 750-4, RTCA DO-186B
UNCLASSIFIED
Page 41 of 54
6 Does your radio subsystem require operation in the Very High Frequency (VHF) frequency bands? Does your radio subsystem require operation in the Ultra High Frequency (UHF) frequency bands? Does your radio subsystem require anti-jamming capabilities for UHF radio equipment? Does your radio subsystem require operation in the Super High Frequency (SHF) frequency bands? Does your system require communication with the JTIDS/MIDS radios? C4ISR domain: Do you use Unattended Measurement and Signature Intelligence (MASINT) Sensors (UMS)? Does the application entail over the air communication of high capacity C4ISR data? Does your system require on-demand or real-time video and audio streaming? Does your system require access to the Land Mobile Radio (LMR) to enable Public Safety officials to communicate, in a secured or encrypted way, with each other to protect their operations in any emergency situation? MIL-STD-188-242
MIL-STD-188-243
STANAG 4246
MIL-STD-188-145
10
STANAG 4175 Ed.3
11
SEIWG-005
12
Common Data Link Communications Standard IETF RFC 3605, IETF RFC 3843
13
14
TIA-102.AABC-B-4, TIA-102.BAAD-1, ANSI/TIA-102.AABC-B-2-2007, TIA102.BAAD, TIA TSB-102.BAFA-A, TIA102.AABC-B-5, ANSI/TIA-102.CAAB-B, TIA TSB-102.BAGA, TIA TSB-102.AABG1, TIA TSB-102.AABG, ANSI/TIA102.AABC-B-3-2008, TIA-102.AACE TIA-102.BACA-A, TIA-102.BAAC-A, ANSI/TIA-102.AABA-A-2004, ANSI/TIA102.AAAB-A-2005, ANSI/TIA/EIA102.BADA-2000, ANSI/TIA/EIA102.AACA-2001, ANSI/TIA/EIA102.AAAD-2002, ANSI/TIA-102.AABB-A2005, TIA-102.AACD, TIA-102.BACD-A, TIA-102.BAEA-A, TIA-102.BACE, TIA-603C, ANSI/TIA-102.AABC-B-2005, TIA102.AABD, TIA-102.AABC-B-1, TIA TSB102.CAAC, TIA TSB-102.BACC-A, ANSI/TIA-102.BAEE-A, ANSI/TIA102.BAEC, ANSI/TIA-102.BAEB-A-2005, ANSI/TIA-102.BADA-1-2006, ANSI/TIA102.BABA-2003, ANSI/TIA-102.AACB2002, ANSI/TIA-102.AACA-2-2003, ANSI/TIA-102.AACA-1-2002, TIA102.BAHA IEEE 802.21-2008
15
Does your system require access to the Land Mobile Radio (LMR) to enable Public Safety officials to communicate, in a secured or encrypted way, with each other to protect their operations in any emergency situation?
16
Will your system provide an interface to or support handover capabilities.?
UNCLASSIFIED
Page 42 of 54
Raster/Image Data Interchange

1 Does your system exchange large still-raster images where lossy compression is acceptable? Does your system require the interchange of lossless raster images such as animation? Does your system support Virtual Reality modeling and capabilities for 3-D data representation? Does your system support portable network graphics? JPEG
GIF v89a
ISO/IEC 14772-1
ISO/IEC 15948:2004
Representation
1 Does your system need to mediate environmental data for the physical and/or visual representation of natural and man-made objects among multiple users and producers? ISO/IEC 18025:2005(E), ISO/IEC 180231:2006(E), ISO/IEC 18026:2006(E), ISO/IEC 18042-4:2006(E), ISO/IEC 180244:2006(E), ISO/IEC 18041-4:2005(E), ISO/IEC 18023-3:2006(E), ISO/IEC 180232:2006(E)
Satellite Communications
1 2 Does your system transmit data from space? Does your system require 5-KHz or 25-KHz single-channel access service for the transmission of voice or data? Will your satellite communications terminal be required to operate over Intelsat Standard A, B, F and H satellites operating in the 6 and 4GHz Frequency Bands? Will your satellite communications terminal be required to operate over Intelsat Standard C, E, and K satellites operating in the 14 and 11/12 GHz Frequency Bands? Do your SATCOM systems need to access Intelsat V and VA in higher than nominal orbital inclination? Do your SATCOM Modems require ensuring the interoperability of QPSK operating in Frequency Division Multiple Access at intermediate data rate (IDR)? Do your SATCOM Modems operate on Intelsat carriers (except SCPC carriers) in the 6 GHz Frequency Band? Does the system use short-delay, report-broadcast functions and operate over 5- and 25-kHz UHS SATCOM channels? Does your system require 5-KHz Demand-Assigned Multiple Access (DAMA) service for the transmission of voice or data? SCPS-TP, SCPS-NP, SCPS-FP MIL-STD-188-181C
IESS-207
IESS-208
IESS-411, Rev 4
IESS-308 Rev. 11
IESS-401 Rev. 7
MIL-STD-188-186
MIL-STD-188-182B
UNCLASSIFIED
Page 43 of 54
10 Does your system require 25-KHz Time Division Multiple Access (TDMA)/DAMA service for the transmission of voice or data? Do your data controllers operate over single-access 5-KHz and 25-KHz UHF SATCOM channels? Does your MILSATCOM equipment control access to DAMA UHF 5-KHz and 25-KHz MILSATCOM channels? Does your satellite communications terminal need to operate in the SHF spectrum or do you require DSCS or WGS terminal certification? Do you need a non-IP based, legacy FDMA modem for your satellite communications terminal that will operate in the SHF spectrum or do you require DSCS or WGS terminal certification? Are you required to ensure interoperability of SATCOM baseband equipment? Does your system have waveform, signal processing, and protocol requirements for Medium Data Rate (MDR) Extremely High Frequency (EHF) satellite data links? Does your system have waveform, signal processing, and protocol requirements for acquisition, access control and communications for Low Data Rates (LDR) (75 to 2,400 bps) EHF satellite data links? Does your system require Digital Storage Media Command and Control (DSM-CC)? Does your system require Digital Video Broadcasting (DVB) for data broadcasting? Does your system require Digital Video Broadcasting (DVB) Framing structure, channel coding and modulation for 11/12 GHz satellite services? Is your system compatible with the waveform, signal processing and protocols for legacy EHF systems? Does your system require the use of MPEG-2 Systems, Video and Audio in satellite, cable and terrestrial broadcasting applications? MIL-STD-188-183B:2004
11
MIL-STD-188-184A, MIL-STD-188-184(3)
12
MIL-STD-188-185(2)
13
MIL-STD-188-164A(2)
14
MIL-STD-188-165A(1)
15
MIL-STD-188-168(1)
16
MIL-STD-188-136A(2)
17
MIL-STD-1582D(2)
18
ISO/IEC 13818-6
19
ETSI EN 301 192
20
ETSI EN 300 421
21
MIL-STD-3015A
22
ETSI TR 101 154
Secure Operating System

1 Are evaluation criteria necessary for Basic Robustness of your Operating System? CAPP
UNCLASSIFIED
Page 44 of 54
2 Does your system require the Protection Profile for Multilevel Operating Systems in Environments Requiring Medium Robustness which specifies security requirements for commercial-off-the-shelf (COTS) general-purpose multilevel operating systems in networked environments containing sensitive information? Does your system require the Protection Profile for Singlelevel Operating Systems in Environments Requiring Medium Robustness which specifies security requirements for commercial-off-the-shelf (COTS) general-purpose operating systems in networked environments containing sensitive information? MLOSPP
SLOSPP
Security Protocols
1 2 Does your system require secure organizational messaging? Are secure web communications required for client/server applications such as VPN or email? Does your system require secure ftp? Does your system require components that issue, revolve, and manage public key certificates? Does your system use tokens for sensitive but unclassified (SBU) application (Class 4) in DoD PKI? Is this an IT implementation that provides DNS capabilities? ACP 120 IETF RFC 4346, IETF RFC 5246
3 4
IETF RFC 2228 CIMCPP
PKIKMITKNPP
IETF RFC 4035, IETF RFC 4033, IETF RFC 4034 IETF RFC 2403 IETF RFC 2385
7 8
Does your system require IPSec? Will your system require Layer 3 VPN services from the GIGBE? Is this an IT implementation requiring Kerberos (or non-PKI) based authentication? Does your system require protection of the data portion and/or header portion of the IP packet or does your system require security services at the IP layer or does your system require a key exchange mechanism to establish IP Security Associations? Does your network environment risk attack when using Neighbor Discovery functionality? Does your system require secure network services in an IP environment? Does your system require a secure network management protocol?
IETF RFC 4120
10
IETF RFC 4306
11
IETF RFC 3971
12
IETF RFC 3972
13
UNCLASSIFIED
Page 45 of 54
14 Does your system require network-layer security in an IP environment? Does your system require datagram authentication or does your system require security services at the IP layer? Does your system require authentication and encryption in an IP environment? Does your system require protection of the data portion and/or header portion of the IP packet or does your system require security services at the IP layer? Do you need to implement a secure mail system for information exchange across the GIG? Will you be using IPsec and IKE protocols or do you require authentication, confidentiality, or integrity protection? Are secure communications required for real-time applications such as VoIP or DDS or are secure communications required over a datagram transport such as UDP/IP? Does your system require secure remote access via the Internet? Does this application require file transfers for System Administrators, such as in file backups or mass storage? Does this application require the use of encryption and authentication at very high data rates (>10 Gb/s)? Does your application need to secure XML-based Internet transactions using PKI and digital certificates or benefit from centralizing PKI and digital certificate handling to the serverside instead of client applications? Does your information systems and networks need to comply with all the audiovisual and multimedia systems security control protocols in the H.235.0 standard? Does your implementation require Type-1 encryption over an IP-based environment? Does your system achieve the use of SDP Security Preconditions? IETF RFC 4301
15
IETF RFC 4302
16
IETF RFC 4303
17
18
IETF RFC 3850
19
IETF RFC 4869
20
IETF RFC 4347
21
IETF RFC 4250
22
IETF RFC 4217
23
IETF RFC 4106
24
W3C XKMS 2.0
25
ITU-T Rec. H.235.0
26
HAIPE IS v3.0.2
27
IETF RFC 5027
System Management Services

1 Does your system support the Simple Network Management Protocol (SNMP)? Will your system be utilizing host-to-host communications over an IP-based network? IETF RFC 3412, IETF RFC 3413, IETF RFC 3411 IETF RFC 3289
UNCLASSIFIED
Page 46 of 54
3 Does your system require management for telecommunications switches? If your system manages a data communications network, will your system require SNMP MIB modules? ANSI T1.208:1997, ITU-T M.3400:2000, ANSI T1.204:1997 IETF RFC 1473, IETF RFC 2789, IETF RFC 2737, IETF Standard 62/IETF RFC 3418, IETF RFC 1471, IETF RFC 2788, IETF RFC 1472, IETF RFC 2515, IETF RFC 2006, IETF RFC 2605, IETF RFC 1657 IETF RFC 3060, CIM HTTP, CIM XML, DMI 2.0, CIM Schema v2.10.1
Does your Windows based System Management Services system use the Distributed Management Task Force (DMTF) Common Information Model (CIM)? Does your network management system utilize SNMPv3 Management Framework? Does your system require the GIG-BE to provide guaranteed delivery services? Is your system used internal to the GIG-BE packet core? Will you be managing all Ethernet interfaces on the GIG? Will your system be required to inter-work with other systems using SDH protection schemes? Is your system implementing IGMP Version 3 to support Source Specific Multicast? Does your system use any of the IEEE 802 LAN/MAN technologies: IEEE 802.3, IEEE 802.11, IEEE 802.15, or IEEE 802.16, or does your system use VLAN Bridges within a Bridged LAN infrastructure? Does your system require a protocol to support mobile nodes in DoD IPv6 networks? Does your system require a set of extensions for supporting generic policy based admission control in RSVP? Does your system require mobility support in IPv6 and mechanisms to mitigate the security risks in Mobile IPv6 signaling between Mobile Nodes and Home Agents? Does your system require OTN linear protection? Is your system a router and will it be internal to the GIG-BE network? Is your system using MSDP between Protocol Independent Multicast Sparse Mode (PIM-SM) [PIM-SM] domains to convey information about active sources available in other domains?
IETF Standard 62/IETF RFC 3417
IETF RFC 3270
8 9 10
IETF RFC 3810 IETF RFC 3635 ITU-T G.842
11
IETF RFC 3376
12
IEEE 802.1Q-2005
13
IETF RFC 3775
14
IETF RFC 2750
15
IETF RFC 3776
16 17
ITU-T G.808.1 (March 2006) IETF RFC 3032
18
IETF RFC 3618
UNCLASSIFIED
Page 47 of 54
19 Will your system need to support Resilient Packet Ring or will your system interface with metropolitan or wide area Ethernet networks? Does your system require an extension of the Internet Control Message Protocol (ICMP) to enable hosts attached to multicast or broadcast networks to discover the IP addresses of their neighboring routers? Does your system require access to the Land Mobile Radio (LMR) to enable Public Safety officials to communicate, in a secured or encrypted way, with each other in order to protect their operations in any emergency situation? Will your system signal over a UNI interface to the GIG-BE a request for precedence services? Do you plan on implementing advanced network monitoring capabilities into your system? Do you need to implement a network management system which requires the "control" access rights to network devices? Do you plan on implementing a Policy Based Core Informational Model which is consistent with IETF definitions in your Policy-Based Network Management implementations? Does your system require secure remote access via the Internet or if web services are used for normal secure access, are there any circumstances when they might not be available when needed and where a secure remote login console would provide the necessary management control capability that the SNMP agent may not provide? Does your system implement any IETF-standardized components that are managed collectively by a single SNMP agent, such as routers, switches, hubs or blade servers? Does your network management system manage or monitor IP routers that implement OSPF v2? IEEE 802.17
20
IETF RFC 1256
21
TIA/EIA 102.BAAA-A
22
IETF RFC 3209
23
IETF RFC 3273
24
IETF RFC 3415
25
IETF RFC 3460
26
IETF RFC 4255, IETF RFC 4251, IETF RFC 4252, IETF RFC 4256, IETF RFC 4253, IETF RFC 4254
27
IETF RFC 4133
28
IETF RFC 4750
Technical Data Interchange (graphics)

1 Does the application require the inclusion of graphical information within XML encoded data? Can this standard be used to capture and transmit fault information from a weapon system? Scaleable Vector Graphics v1.1
S1000D 2.3
Transaction Processing
UNCLASSIFIED
Page 48 of 54
1 Does your system require guaranteed delivery services from the GIG BE or does your system require preemption services from the GIG-BE or does your system set the DiffServ Code Points or TOS bits in the IP Datagram? Will your system implement Electronic Records Management? IETF RFC 2918 , IETF RFC 2863 , IETF RFC 2439
DoD 5015.02-STD:2007
Transport-Oriented (quality of service)

1 Will your IP-based networks require Quality of Service (QoS) standards? IETF RFC 2210, IETF RFC 3168, IETF RFC 3175, IETF RFC 2474, IEEE Std. 802.1D:2004, IETF RFC 2205, IETF RFC 2207, IETF RFC 3031 ITU-T P.800, ITU-T P.862
Will your IP-based networks require Quality of Service (QoS) standards for voice services within the DSN? Does your system require guaranteed IP transport services from the GIG-BE or does your system class mark IP packets using the DSCP/CSCP bits with the IPv4/v6 Datagram? Does your system require IP network transport using multiple IP connections to ensure increased reliability? Does your system require guaranteed delivery services from the GIG BE or does your system require preemption services from the GIG-BE or does your system set the DiffServ Code Points or TOS bits in the IP Datagram? Will your system be used as a label switched router in the GIGBE or will your system signal over a UNI interface to the GIGBE a request for precedence services? In order to define CoS, does your system mark the DSCP/CSCP or TOS bits or does your system require the GIGBE to provide guaranteed delivery services? In order to define CoS, does your system mark the DSCP/CSCP or TOS bits? Does your system need to support GMPLS or will your system require automated provisioning services from the GIG-BE or does your system interface to the GIG-BE control plane via the UNI? Will your system interface to the GIG-BE as an autonomous system and switch MPLS packets or will your system run BGP with the GIG-BE border router and switch MPLS packets? Are you converting analog data to digital for transmission? Do you use NCIDS or is Quality of Service a required capability?
IETF RFC 3140
IETF RFC 4960
IETF RFC 2597
IETF RFC 3270
IETF RFC 3246
IETF RFC 3473
10
IETF RFC 3107
11 12
ITU-T G.733 IETF RFC 3181 , IETF RFC 3182 , IETF RFC 2961 , IETF RFC 3703, IETF RFC 2215
UNCLASSIFIED
Page 49 of 54
13 Are you using RSVP and SIP protocols in your application or are you planning to use voice over IP and other on line multimedia applications? Will there be planning, organizing and managing the Policy Quality of Service (QoS) Information Model? Will you be in charge of selection and conditioning of traffic in the datapath spans both major QoS architectures: Differentiated Services and Integrated Services? Does your system provide multi-party applications, call control, and call services in a distributed peer-to-peer fashion? Does your system require attended call transfer or call-pickup? Does your system use Local Session Controllers(LSCs), Assured Real Time Services (ARTS) Softswitches(SS), or Edge Boundary Controllers (EBCs)? IETF RFC 3524
14
15
IETF RFC 3670
16
IETF RFC 3891
User (Physical/Cognitive)
1 Does your system display Common Warfighting Symbology at the user interface? MIL-STD-2525C
User Interface Services

1 Does your system provide a Common Desktop Environment (CDE) as its POSIX user interface? Does your system provide a Microsoft Windows (or Windows compliant) user interface? Does your weapons system require National Geospatial Intelligence Agency (NGA) generated map data? Are you representing languages in your application? Does your system provide both national and international VoIP call services over internet or ISDN circuit switched data network? C903
Win32 APIs-Current
WSTAWG MDLS, IETF RFC 1997
4 5
ISO 639-2:1998 ITU-T Rec. Q.850, May1998
Video Teleconferencing
1 Does your system include video teleconferencing or Multipoint Control Units (MCUs)? Does your system require use of motion video or video conferencing? ITU-T G.722.1:2005, ITU-T G.728, ITU-T H.261, ITU-T G.711 ITU-T H.263, January 2005
UNCLASSIFIED
Page 50 of 54
3 Does your Video Teleconferencing Units and Multipoint Control Units operate over packet-based tcp/ip networks? ITU-T T.122:1998, ITU-T H.245 (07/2003), ITU-T H.245 (11/2000), ITU-T H.225.0:2003, ITU-T H.225.0:2000, ITU-T T.81, ITU-T T.127, ITU-T T.124:1998, ITUT T.123:1999, ITU-T T.125:1998, ITU-T T.120, ITU-T H.323:2000, ITU-T H.248, IETF RFC 3261, ITU-T T.126:1997, ITU-T T.128 IETF RFC 3550
Will your system be supporting Voice over IP, or will your system be supporting VTC, or does your system require realtime data transport? Does your system use require on-demand or real time video and audio streaming or will your system be supporting Voice over IP? Do your VTC terminals operate on IP-based broadcast-quality video at rates of less than 1 Mbps? Will your system be required to handle multimedia sessions or VoIP? Does your system include video teleconferencing (VTC) or Multipoint control units or VTC gateways or gatekeepers? Does your system use VoIP or does your voice traffic require low data rates or traverse a satellite link or low bandwidth network circuit? Does your system require Internetworking between Session Initiation Protocol (SIP) and Bearer Independent Call Control Protocol or ISDN User Part? Does your system require Session Initiation Protocol (SIP) in the Authenticated Identity Body (AIB) format? Does your system require ISDN to pass the signaling messages between the router and the ISDN switch at the local CO with Call control and Management? Does your system require SDP routing for SAP, SIP, or RTSP use? Does your system require a description to perform the mapping between two signaling protocols: the Session Initiation Protocol (SIP) and the Integrated Services Digital Network (ISDN) User Part (ISUP) of Signaling System No. 7 (SS7)? Do you use or interface with payload 64 KB/S or does your ISDN data terminal produce data not compatible with nonlinear encoding used in voice or do you need a payload format transparent transport for a 64KB/S data stream?
IETF RFC 3605
ITU-T Rec. H.264 (03/2009)
IETF RFC 4566
ITU-T H.323 (07/2003)
ITU-T G.729
10
ITU-T Rec. Q.1912.5
11
IETF RFC 3893
12
ITU-T Rec. Q.931, May 1998, ITU-T Rec. Q.921, September 1997
13
IETF RFC 3890
14
IETF RFC 3398
15
IETF RFC 4040
UNCLASSIFIED
Page 51 of 54
Web Services
1 2 3 Does your network connect to the Internet? Does your system use web services? Do you require a common reference for interoperable text manipulation on the World Wide Web, building on the Universal Character Set, defined jointly by the Unicode Standard and ISO/IEC 10646? Does your system, product, application or service need to interoperate with Content Staging? Does your system need to test whether the information content of an XML document or XML document subset has been changed? Do you need to describe the capabilities and preferences of your device for use with content delivery? Do you need to split XML documents into smaller manageable chunks and then be able to merge them back together? Is your HTML expected to evolve into XML applications? IETF RFC 1738, IETF RFC 2616 OASIS WS-BusinessActivity 1.1 CharModel:2005
IETF RFC 3530
W3C Canonical XML 1.0
W3C CC/PP: Structure and Vocabularies 1.0 W3C XInclude 1.0
W3C XHTML 1.0, XSLT 1.0, CSS2:1998, XHTML 1.1: 31 May 2001 DOM Level 3 W3C, XML 1.1:2004, XML 1.0 (Third Edition) XSLT 1.0 XML-Encryption W3C
Does your system require document interchange of XML documents? Will you be transforming XML through the use of Style Sheets? Does your system require encryption algorithms for XMLencoded data? Does your system require the use of XML tags with the same name but different semantics? Does your system require locating and selecting elements and data from XML documents? Is your system required to support formally-specified access control policies or does your system require the application of access control policies for Web services access or XML-based communications? Does your system require the exchange of assertions (information) about user authentication, attributes or authorization, such as between online business partners? Does your system require web-enabled access to the file system?
10 11
12
Namespaces in XML 1.1
13
XPath 2.0:2007, XPATH 1.0
14
XACML 2.0 OASIS
15
SAML 2.0 OASIS
16
IETF RFC 3253
UNCLASSIFIED
Page 52 of 54
17 Does the system need to perform identity service discovery and invocation? Does your system require publishing and discovery of web services? Does your system require state management and sessions during http connectivity? Does your net-centric application require integration with a Portal? Does your net-centric application require peer-to-peer messaging capabilities to communicate with other applications? Does your system require support for portlets? Would remote configuration or monitoring of application software, systems, networks, databases, or hardware be important to your mission? Do you need a language for specifying, visualizing, constructing, and documenting the artifacts of software systems or what are the best engineering practices with regards to the modeling of large and complex systems? Does your application require multiple subscribers to a single SOAP message, where the message producer does not need to know about the message subscribers? Does your system require the interoperability in the exchange of information using SOAP, WSDL, UDDI, SSL 3.0/TLS 1.0, HTTP, or X.509? Does this application use Web Services implemented with SOAP or is there a need for end-to-end message content security and not just transport-level security? Does your system require exchanging SOAP messages with guaranteed delivery, no duplicates, and guaranteed message ordering ? Is there a requirement to adhere to interoperable metadata standards, is there a need to describe resources that enable more intelligent information discovery systems? Does your system require notification to an existing web service? Does your system require support for message transmission through networks that include processing nodes such as endpoint managers, firewalls, and gateways in a transportneutral manner? ID-WSF 2.0
18
UDDI 3.0.2
19
IETF RFC 2965
20
JSR-168
21
JSR-914
22 23
WSRP OASIS WSDM V1.0
24
UML 2.2
25
OASIS WS-BaseNotification 1.3
26
WS-I Basic Profile 1.1
27
WS-Security 1.1
28
WS-Reliability 1.1
29
ISO 15836:2003
30
WS-Eventing
31
W3C WS Addressing 1.0 - Core
UNCLASSIFIED
Page 53 of 54
32 Is there a need to create user accounts and validate users as part of a web-services based infrastructure or does the system require web services such as Single Sign-On? Does the system interact share data or interoperate with other systems or services in a net-centric environment regardless of the Information Assurance classification of the system or users? Does your system/application require web based security services? Do you need to transform or generate XML from another XML source, or do you need more XML transformation operations than those provided by XSLT 1.0, such as content grouping and true datatype recognition during processing? Do you use several web services together in a combined work process or do you want to pass the output of one (or more) web service(s) automatically into another web service(s) without changing or recoding the web services themselves? Does your application use WS-Notification and need an intermediate message broker that sends messages to multiple consumers on behalf of the message producers? Does your application use WS-Notification and require multiple ways to define which topics a user wants to subscribe for messages? Does your application need to define Qualilty of Service parameters in the WSDL or need a standard way to describe REST Web Services? Does your application use WSDL 2.0 and benefit from the normative message exchange patterns like In-Only and InOut? Do your services need to specify certain criteria that must be met before service consumers can connect, e.g. security and reliability or need to specify connection policies that cannot be expressed in a WSDL? Does my application need to access computer and network resources remotely using Web Services? Do you need to transport messages over protocols other than HTTP/HTTPS or can a single message be delivered to recipients over multiple transport protocols or do you need a callback mechanism for asynchronous invocation? OASIS SPML v2.0
33
OWL, SPARQL Query Language for RDF:2008
34
OASIS WS-Trust 1.3, OASIS WSSecurityPolicy 1.2 XSLT 2.0:2007
35
36
OASIS WS-BPEL v2.0
37
OASIS WS-BrokeredNotification 1.3
38
OASIS WS-Topics 1.3
39
W3C WSDL 2.0 Pt. 1
40
W3C WSDL 2.0 Pt. 2
41
W3C WS-Policy 1.5 - Framework
42
DMTF WS-Management 1.0.0
43
W3C WS-Addressing 1.0 Metadata, W3C WS-Addressing 1.0 SOAP Binding
UNCLASSIFIED
Page 54 of 54

Secure Questionnaire 10 1.0

Transféré par

Informations du document

Description originale:

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Secure Questionnaire 10 1.0

Transféré par

Droits d'auteur :

Formats disponibles

UNCLASSIFIED PROFILING QUESTIONNAIRE DISRonline 10-1.0 Be aware not all questions have a standard associated with them.

Does your system need to transmit event messages?

Application-specific Data Interchange

FM 94-X Ext. BUFR WMO No. 306

UNECE Recommendation No. 20

STANAG 4575 Ed. 3

Valid Date Promulgation Memo Signed

IETF RFC 5023

Architectures and Applications

OMG SysML v1.1

OMG UPDM v1.0

Core Architecture Data Model (CADM) 1.03

OASIS ebXML RS v3.0, OASIS ebXML RIM v3.0

Valid Date Promulgation Memo Signed

Audio Data Interchange

ITU-T P.800, ITU-T P.862

IETF SIMPLE, IETF XMPP

IETF RFC 4028

IETF RFC 3312

IETF RFC 3515 IETF RFC 4032

ITU-T Rec. H.235.1

ITU-T Rec. H.235.8 (09/05)

ITU-T Rec. Q.1912.5

IETF RFC 3893

ITU-T Rec. Q.921, September 1997

IETF RFC 3890

Valid Date Promulgation Memo Signed

ITU-T Rec. Q.931, May 1998

CMS/XML Digital Signature Profiles v1.1

IETF RFC 3161 IETF RFC 3852

IETF RFC 2560

IETF RFC 5035 FIPS Pub 198

IETF RFC 4523 IETF RFC 5304

IETF RFC 5310

Valid Date Promulgation Memo Signed

Aviation: Air Traffic Management

DoD AIMS 97-900, DoD AIMS 03-1000

Valid Date Promulgation Memo Signed

Does your Aviation system require microwave landing aids?

STANAG 4586 Ed. 2

Backplanes and Busses

CompactPCI MIL-STD-1553B SAE J1939

SAE J1587, SAE J1708

Valid Date Promulgation Memo Signed

Does your system use Fibre Channel to transfer data?

Bindings/Object Code Linking

Biometric Technology Services

ISO/IEC 19794-2:2005 , ISO/IEC 197944:2005

ISO/IEC 19794-5:2005 w/ Amd 1:2007

ANSI/INCITS 377-2004, ANSI/INCITS 3812004, ANSI/INCITS 378-2004

ISO/IEC 19785-2:2006, ISO/IEC 197851:2006

ISO/IEC 19784-2:2007, ISO/IEC 197841:2006 w/ Amd 1:2007

Valid Date Promulgation Memo Signed

NIST Special Publication 800-76-1

ANSI INCITS 385-2004

ANSI INCITS 398-2008

IDENT IXM v2.0

C4ISR: Payload Platform

IEEE 1394, IEEE 1394b, IEEE 1394a

IESS-309 Rev. 7 IESS-310 Rev. 2

Valid Date Promulgation Memo Signed

Calendaring and Scheduling

Cryptographic Key Management