Final FMN Spiral 3 Specification

FMN Spiral 3 Service Instructions

for Geospatial Information

26 October 2018 Page 1

Service Instructions for Geospatial Information Disclaimer

Disclaimer

This document is part of the Spiral Specifications for Federated Mission Networking (FMN). In the
FMN management structure it is the responsibility of the Capability Planning Working Group
(CPWG) to develop and mature these Spiral Specifications over time. The CPWG aims to provide
spiral specifications in biennial specification cycles. These specifications are based on a realistic
time frame that enables all affiliates to stay within the boundaries of the FMN specification:

• Time-boxing based on maturity and implementability, with a strong focus on backwards

compatibility and with scalability - providing options to affiliates.
• The principle of "no affiliate left behind", aspiring to achieve affiliate consensus, but no lowest
(non-)compliant hostage taking.
• The fostering of a federated culture under the presumption of "one for all, all for one". Or in a
slightly different context: "a risk for one is a risk for all".
Every FMN Spiral has a well-defined, agreed objective to define the scope and an agreed
schedule. The FMN Spiral Specifications consist of a requirements specification, a reference
architecture, standards profile and a set of instructions. That is where this documents fits in. It is
created for one specific spiral, while multiple spirals will be active at the same time in different
stages of their lifecycle. Therefore, similar documents may exist for the other active spirals.
If you have any questions about Federated Mission Networking, about the Capability Planning
Working Group or about any of its documents, please contact the CPWG representative in the
FMN Secretariat.

26 October 2018 Page 2

Service Instructions for Geospatial Information Table of Contents

Table of Contents
1 Introduction 4
2 References 5
3 Description 6
4 Definitions 7
5 Standards 9
5.1 FMN Spiral 3 Geospatial Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6 Conceptual System Description 12
7 Dependencies 15
7.1 Procedural Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.2 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
8 Requirements 16
8.1 Service Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
8.2 Security Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
9 Procedures 18
9.1 Federated Geospatial Information Management Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
10 Roles and Responsibilities 19
11 Configuration Options 20
11.1 Geospatial Information Service Management Authority Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
11.2 Geospatial Information Service Provider Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

26 October 2018 Page 3

Service Instructions for Geospatial Information 1 Introduction

1 Introduction
This Service Instructions provide guidance as to the procedures, supporting services, infrastructure and data attributes
required to implement geospatial services in federated Mission Networks. As such, this document contributes to the
establishment of capabilities in support of Federated Mission Networking (FMN) as an affordable, effective and efficient
means to enable sharing of information in a coalition environment.

26 October 2018 Page 4

Service Instructions for Geospatial Information 2 References

2 References
• GeoRSS Geography Markup Language - GeoRSS Geography Markup Language
• GeoRSS Simple - GeoRSS Simple
• GeoTIFF Revision 1.0 - GeoTIFF Format Specification, GeoTIFF Revision 1.0, Specification Version 1.8.2, 28 December
2000
• ISO/IEC 15444-1 - JPEG 2000 image coding system: Core coding system
• MIL-PRF-89020B - Performance Specification: Digital Terrain Elevation Data (DTED)
• MIL-PRF-89033 - Performance Specification: Vector Smart Map (VMAP) Level 1
• MIL-PRF-89038 - Performance Specification: Compressed Arc Digitized Raster Graphics (CADRG)
• MIL-PRF-89039 - Performance Specification: Vector Smart Map (VMAP) Level 0
• MIL-STD-2411 - Department of Defense Interface Standard: Raster Product Format
• OGC 05-047r3 - OpenGIS GML in JPEG 2000 for Geographic Imagery Encoding Specification
• OGC 06-042 - OpenGIS Web Map Service (WMS) Implementation Specification
• OGC 07-057r7 - OpenGIS Web Map Tile Service Implementation Standard
• OGC 07-147r2 - Keyhole Markup Language
• OGC 09-025r2 - OpenGIS Web Feature Service 2.0 Interface Standard
• OGC 12-128r12 - GeoPackage Encoding Standard

26 October 2018 Page 5

Service Instructions for Geospatial Information 3 Description

3 Description
The Service Instructions for Geospatial Web Services cover the establishment of a federated Spatial Data Infrastructure
(SDI). SDI is defined as technologies, policies, standards, human resources, and related activities necessary to acquire,
process, distribute, use, maintain, and preserve network enabled location based data in a standardized way.
Only the following Geo Web Services are considered in the scope:

• Web Map Services (WMS) v1.3.0;

• Web Feature Services (WFS) v2.0.0;
• Web Map Tile Services (WMTS) v1.0.0.
The following Geospatial Web Service functionality and its usage is explicitly out of the scope:

• Web Coverage Services (WCS);

• Cascading Geospatial Web Services;
• Stored Queries for Geospatial Web Services;
• Supports only named Layers and Styles, does not include a mechanism for user-defined symbolization of feature data;
This service instruction also covers Geospatial Services for File based storage and exchange of digital geospatial vector
data; and Web Hosting Services for the delivery of geospatial content to web sites and user agents.

26 October 2018 Page 6

Service Instructions for Geospatial Information 4 Definitions

4 Definitions
Term Definition
Feature In cartography, any object or configuration of ground or water represented on the face of the map
or chart.
GIS Server A server that provides Geo Web Services like WMS, WFS, WMTS and WCS
Geospatial Facts about the earth referenced by geographic position and arranged in a coherent structure.
Information Geospatial information includes products, data, publications and materials based on topographic,
aeronautical, hydrographic, planimetric, relief, thematic, geodetic, and geophysical information,
including geo-referenced imagery and may be available in either analogue or digital formats.
Geospatial Web (Service) The Geospatial Web Feature Services provide interfaces for describing data
Feature Services manipulation operations (e.g. Create, Delete, Update, Get or Query) on geospatial features which
are primarily based on vector data.
Geospatial Web (Service) The Geospatial Web Map Services provide a HTTP interface for requesting
Map Services geo-registered map images from one or more distributed geospatial databases. A WMS request
defines the geographic layer(s) and area of interest to be processed. The response to the request
is one or more geo-registered map images. Typical image formats for the map result are PNG,
JPEG, GIF or SVG. There are open source WMS Servers such as UMN Mapserver and Mapnik.
Commercial alternatives exist from most commercial GIS vendors, such as ESRI ArcIMS, ArcGIS
Server, GeoClip, Intergraph Geomedia WebMap, and others.
Geospatial Web (Service) The Geospatial Web Map Tile Services provide access to cartographic maps using
Map Tile Services predefined image tiles. Geospatial Web Map Tile Services provide a complementary approach to
the Geospatial Web Map Services for tiling maps.
Geospatial Web Map Services focus on rendering custom maps and is an ideal solution for
dynamic data or custom styled maps. Geospatial Web Map Tile Services trade the flexibility of
custom map rendering for the scalability possible by serving of static data (base maps) where the
bounding box and scales have been constrained to discrete tiles which enables the use of
standard network mechanisms for scalability such as distributed cache systems to cache images
between the client and the server, reducing latency and bandwidth use.
The service advertises the tiles it has available through a standardized declaration in the
ServiceMetadata document common to all geospatial web services. This declaration defines the
tiles available in each layer (i.e. each type of content), in each graphical representation style, in
each format, in each coordinate reference system, at each scale, and over each geographic
fragment of the total covered area. The ServiceMetadata document also declares the
communication protocols and encodings through which clients can interact with the server. Clients
can interpret the Service Metadata document to request specific tiles.
Map A graphic representation, usually on a plane surface, and at an established scale, of natural or
artificial features on the surface of a part or the whole of the earth or other planetary body. The
features are positioned relative to a coordinate reference system.
Mission Network Single governed capability, including the communication and information systems, management,
(MN) processes and procedures created for the purposes of an operation, exercise, training event,
and/or interoperability verification activity, using a flexible and tailored set of non-materiel (policy,
processes, procedures and standards) and materiel (static and deployed networks, services,
supporting infrastructures) contributions provided by NATO, NATO and non-NATO nations and
entities participating in operations.

26 October 2018 Page 7

Service Instructions for Geospatial Information 4 Definitions

Mission Network (Role) The Mission Network Service Management Authority (MNSMA) is a central role in a Mission
Service Network which is assigned by the Lead Commander based on delegated authority from all mission
Management network participants.
Authority
• The MNSMA is accountable for the design, provision, management, security, and provision of
oversight and control of Information and Communications Services in a coherent, effective and
coordinated manner within its designated Area Of Responsibility (AOR).
• The MNSMA MUST establish a standardized Service Management Framework (SMF) for the
MN to execute its functions and may delegate selected responsibilities to either internal or
external organizations in order to provide the desired end-to-end effect.
Network Service Network services are necessary for sharing spatial data between the various levels of public
authority in a federated environment. For these services interoperability is requested, which means
the possibility for services to interact, without repetitive manual intervention.
Service Provider (Role) An organization supplying Services to one or more Internal Customers or External
Customers. Service Provider is often used as an abbreviation for IT Service Provider (ITIL v3).
In the context of FMN, a Service Provider is referring to a nation or organization federating its
network and/or systems in a federation of Mission Networks, and which is providing one or more
services to its own users and other users on the Mission Network. It may also refer to a person
representing the service-providing nation/organization or to the network segment and/or the
particular system that provides the service.
Spatial Data The technology, policies, standards, human resources, and related activities necessary to acquire,
Infrastructure (SDI) process, distribute, use, maintain, and preserve network enabled location based data in a
standardized way.

26 October 2018 Page 8

Service Instructions for Geospatial Information 5 Standards

5 Standards
The instructions described in this document are based on the following profiles. These profiles are normative, i.e. considered
a prescriptive part in joining a Mission Network.

5.1 FMN Spiral 3 Geospatial Profile

Geospatial Services deliver network-based access to quality raster, vector and terrain data, available in varying degrees of
format and complexity. Geospatial Services form a distinct class of information services through their unique requirements for
collecting, converting, storing, retrieving, processing, analysing, creating, and displaying geographic data.

Profile Details
Geospatial Web Feeds Profile
The Geospatial Web Feeds Profile provides standards and guidance for the delivery of geospatial content to web sites
and to user agents, including the encoding of location as part of web feeds.
Feed processing software is required to either read or ignore these extensions and shall not fail if these extensions are
present, so there is no danger of breaking someone's feed reader (or publisher) by including this element in a feed.
Services Web Hosting Services
Standards Mandatory
GeoRSS Simple encoding for "georss:point", "georss:line", "georss:polygon", "georss:box".

• GeoRSS Simple - "GeoRSS Simple"

Recommended
GeoRSS GML Profile 1.0 a GML subset for point "gml:Point", line "gml:LineString", polygon
"gml:Polygon", and box "gml:Envelope".
In Atom feeds, location shall be specified using Atom 1.0's official extension mechanism in
combination with the GeoRSS GML Profile 1.0 whereby a "georss:where" element is added as a
child of the element.

• GeoRSS Geography Markup Language - "GeoRSS Geography Markup Language"

Implementation Geography Markup Language (GML) allows to specify a coordinate reference system (CRS) other
Guidance than WGS84 decimal degrees (lat/long). If there is a need to express geography in a CRS other than
WGS84, it is recommended to specify the geographic object multiple times, one in WGS84 and the
others in your other desired CRSs.
For backwards compatibility it is recommended to also implement RSS 2.0.
Web Map Tile Service Profile
The Web Map Tile Service standard and guidance provides a standardized protocol for serving pre-rendered
georeferenced map tiles over the Internet.
Services Geospatial Web Map Tile Services
Standards Mandatory
version 1.0

• OGC 07-057r7 - "OpenGIS Web Map Tile Service Implementation Standard"

Implementation Additional implementation guidance:
Guidance
• STANAG 6523 Edition 1
• NCIA Technical Instruction "AI TECH 06.02.14 Service Interface Profile for Geospatial Services -
Map Rendering Service"

26 October 2018 Page 9

Service Instructions for Geospatial Information 5 Standards

Web Feature Service Profile

The Web Feature Service standard and guidance provides a standardized interface for geodata provision in a defined
format over a network connection.
Services Geospatial Web Feature Services
Standards Mandatory
With Corrigendum – version 2.0.2, 07/10/2014

• OGC 09-025r2 - "OpenGIS Web Feature Service 2.0 Interface Standard"

Implementation Additional Implementation Guidance:
Guidance
• STANAG 6523 Edition 1
• DGIWG – 122, DGIWG - Web Feature Service 2.0
Web Map Service Profile
The Web Map Service standard and guidance provides a standardized interface for geodata provision in a defined
format over a network connection
Services Geospatial Web Map Services
Standards Mandatory

• OGC 06-042 - "OpenGIS Web Map Service (WMS) Implementation Specification"

Implementation Additional Implementation Guidance:
Guidance
• STANAG 6523 Edition 1
• NCIA Technical Instruction "AI TECH 06.02.14 Service Interface Profile for Geospatial Services -
Map Rendering Service"
Geospatial Data Exchange Profile
Geospatial data are being produced by different organisations and need to be exchanged between different participants
using standardized exchange formats. These datasets would then be loaded into specialised geospatial information
systems (GIS) and published via standardized Web Services (e.g. WMS or WMTS for raster data/maps).
Services Geospatial Services

26 October 2018 Page 10

Service Instructions for Geospatial Information 5 Standards

Standards Mandatory
File based storage and exchange of digital geospatial vector data:

• OGC 07-147r2 - "Keyhole Markup Language"

Recommended
File exchange of digital vector data:

• MIL-PRF-89039 - "Performance Specification: Vector Smart Map (VMAP) Level 0"

• MIL-PRF-89033 - "Performance Specification: Vector Smart Map (VMAP) Level 1"
Recommended
File geodatabases store geospatial datasets and can hold any number of these large, individual
datasets. File geodatabases can be used across multiple platforms. Users are rapidly adopting file
geodatabases in place of using legacy shapefiles.

• OGC 12-128r12 - "GeoPackage Encoding Standard"

Recommended
File exchange of digital raster data:

• MIL-PRF-89038 - "Performance Specification: Compressed Arc Digitized Raster Graphics

(CADRG)"
• MIL-STD-2411 - "Department of Defense Interface Standard: Raster Product Format"
• MIL-PRF-89020B - "Performance Specification: Digital Terrain Elevation Data (DTED)"
• ISO/IEC 15444-1 - "JPEG 2000 image coding system: Core coding system"
Mandatory
File based storage and exchange of digital geospatial mapping (raster) data.

• GeoTIFF Revision 1.0 - "GeoTIFF Format Specification, GeoTIFF Revision 1.0, Specification
Version 1.8.2, 28 December 2000"
• OGC 05-047r3 - "OpenGIS GML in JPEG 2000 for Geographic Imagery Encoding Specification"
Implementation The direct exchange of data (via automated or manual file transfer) is to be considered only in case
Guidance of limited connectivity (no regular access to the network).
Often the exchange of large geospatial (raster) data sets between Geo organizations of different
Mission Participants is conducted in proprietary formats such as:

• Shapefile (ESRI), technical description at

https://www.esri.com/library/whitepapers/pdfs/shapefile.pdf
Or proprietary compression image formats such as:

• Multi-resolution seamless image database format (MrSID Generation 3), technical description at
https://www.loc.gov/preservation/digital/formats/fdd/fdd000184.shtml. Data in MrSID format could
be transformed to GeoTIFF. The JPEG 2000 image compression standard offers many of the
same advantages as MrSID, plus the added benefits of being an international standard (ISO/IEC
15444).
• Erdas Compression Wavelet (ECW) which is optimized for aerial and satellite imagery.

26 October 2018 Page 11

Service Instructions for Geospatial Information 6 Conceptual System Description

6 Conceptual System Description

Problem:
The provision of geodata is a central aspect in a federated, heterogeneous environment. This brings the challenge of
providing the data in a standardized way across network with different client systems.
Solution:
The use of Geo Web Services like Web Map Service and Web Feature Service has emerged as the preferred approach. A
spatial data infrastructure (SDI) provides network enabled geodata in a standardized way. A SDI is based on the tier of a
service oriented architecture.
Service Usage Patterns

The usage of Geo Web Services in a federated environment follows typical Provider-Consumer (client-server) pattern, where
users using various map viewing applications retrieve, create and modify geospatial information through the services
provided by the federation participants.
Geo Web Services infrastructure

Data diffusion through web services in a SDI is organized in different levels:

• The Data Layer: The data layer consists of different databases which include the different spatial objects. In principle,
every spatial object in a spatial data set needs to be described by a data specification specifying the semantics and the
characteristics of the types of spatial objects in the data set. The spatial object types provide a classification of the spatial
objects and determine among other information the properties that any spatial object may have (be they thematic, spatial,
temporal, a coverage function, etc.) as well as known constraints (e.g. the coordinate reference systems that may be used
in spatial data sets). This information is, in principle, captured in an application schema using a conceptual schema
language, which is a part of the data specification.

26 October 2018 Page 12

Service Instructions for Geospatial Information 6 Conceptual System Description

• The Service Layer: The service layer provides the spatial objects, stated in the data layer, via different network services
like WMS, WFS, WMTS and WCS. The Network services are necessary for sharing spatial data between the various
levels of federation participants. For these services interoperability is requested, which means the possibility for services
to interact, without repetitive manual intervention.
• The App Layer: The Application Layer consists of different Clients/C2/C3 systems used by the federation participants.
They connect over a network to the Service Layer. Every participant is responsible for its own App Layer. It might be
considered that within an federated environment a common Geoportal will be established to share geoinformation.
In order to provide WMS, WFS, WMTS and WCS a common data source needs to be established within the federated
environment. Usually this is based on a database which provides and supports geospatial functionality.
Web Map Service
A Web Map Service (WMS) provides maps of spatially referenced data dynamically from geospatial information. The service
is based on an ISO standard and defines a “map” to be a portrayal of geographic information as a digital image file suitable
for display on a computer screen. A map is not the data itself. WMS-provided maps are generally rendered in a pictorial
format such as PNG, GIF or JPEG, or occasionally as vector-based graphical elements in Scalable Vector Graphics (SVG).
The service provides three queries/operations:

• GetCapabilities: Returns service-level metadata;

• GetMap: Returns a map in a defined digital format for the display on a computer screen
• GetFeatureInfo (optional): Returns information about particular features (spatial objects) shown on a map.
Web Map Service operations can be invoked using a standard web browser by submitting requests in the form of Uniform
Resource Locators (URLs). The content of such URLs depends on which operation is requested. In particular, when
requesting a map the URL indicates what information is to be shown on the map, what portion of the Earth is to be mapped,
the desired coordinate reference system, and the output image width and height. When two or more maps are produced with
the same geographic parameters and output size, the results can be accurately overlaid to produce a composite map. The
use of image formats that support transparent backgrounds (e.g. GIF or PNG) allows underlying maps to be visible.
Furthermore, individual maps can be requested from different servers. The Web Map Service thus enables the creation of a
network of distributed map servers from which clients can build customized maps. A basic WMS classifies its geographic
information holdings into “Layers” and offers a finite number of predefined “Styles” in which to display those layers..
Web Feature Service
The Web Feature Service (WFS) is able to create, modify and exchange spatial features on the network. Rather than sharing
geographic information at the file level using File Transfer Protocol (FTP), the WFS offers direct fine-grained access to
geographic information at the feature and feature property level. A WFS provides a service interface for accessing and writing
geospatial data and is usually delivered in GML (geography mark-up language) format. Features normally have unique
identifiers and can be accessed in groups using relationships e.g. all roads within a national boundary. The International
Standard specifies discovery operations, query operations, locking operations, transaction operations and operations to
manage stored, parameterized query expressions. This Standard defines five queries/operations:

• GetCapabilities: Discovery operations allow the service to be interrogated to determine its capabilities and to retrieve the
application schema that defines the feature types that the service offers.
• GetFeature: Query operations allow features or values of feature properties to be retrieved from the underlying data store
based upon constraints, defined by the client, on feature properties.
• LockFeature Locking operations allow exclusive access to features for the purpose of modifying or deleting features.
• Transaction operations allow features to be created, changed, replaced and deleted from the underlying data store.
• Stored query operations allow clients to create, drop, list and described parameterized query expressions that are stored
by the server and can be repeatedly invoked using different parameter values.
In the taxonomy of services defined in ISO 19119, the WFS is primarily a feature access service but also includes elements
of a feature type service, a coordinate conversion/transformation service and geographic format conversion service.
Above functionality will support the following scenarios:

• support for Web Feature Service Transactional (WFS-T). The WFS-T uses network technology to edit, update and delete
features using a GIS-client.

26 October 2018 Page 13

Service Instructions for Geospatial Information 6 Conceptual System Description

Web Map Tile Service

The Web Map Tile Service (WMTS) is a standard based solution to serve digital maps using tile images with predefined
content, extent and resolution over the Internet.
WMTS trades the flexibility of custom map rendering for the scalability possible by serving of static data (base maps) where
the bounding box and scales have been constrained to discrete tiles. The fixed set of tiles allows for the implementation of a
WMTS service using a web server that simply returns the existing files. The fixed set of tiles also enables the use of standard
network mechanisms for scalability such as distributed cache systems. It may be useful for providing WMS capability to
clients connected to servers over constrained communications with appropriate caching implementations.
Geo Web Service infrastructure interoperability
To support Geo Web Service interoperability, each participant will perform an OGC and STANAG Compliance Tests based
on the test definitions available from OGC. The results of the tests need to be shared with the other federation participants.

26 October 2018 Page 14

Service Instructions for Geospatial Information 7 Dependencies

7 Dependencies
7.1 Procedural Instructions
The following Procedural Instructions depend on the Geospatial Information Services. Refer to these documents for detailed
information and requirements.

Instruction
Procedural Instructions for C2
of Maritime Operations
Procedural Instructions for
Recognized Environmental
Picture
Procedural Instructions for
Situational Awareness
Dependency
Geospatial products for use in the mission are defined, however Geospatial services
MUST NOT be used for sharing information that is already made available via other
services such as Joint C3 Information Exchange Services or Picture Distribution
Services.
REP products shall be provided using common geospatial standards, product formats
and catalogues as described in these instructions.
Geospatial data forms the common basis for the COP and cross COI SA. Geospatial
services MUST NOT be used for sharing information that is already made available via
other services such as Land C2 Information Exchange Services or Picture Distribution
Services.

7.2 Prerequisites
The Geospatial Information Services depend on the following underlying services. These underlying services have to be
available in order for Geospatial Information Services to function properly. Refer to their Service Instructions for detailed
information and requirements how to set them up in a mission network.

Service Dependency
Communications Services The Geospatial Web Services depend on the Communication Services to provide
geospatial information to clients.
Default QoS parameters for Web Map Service:

• Application Type: GEO Server

Distributed Time Services
Domain Name Services
• Protocol: HTTP(S)
• Transport Profile: TCP:80, TCP:443
• Service Class: SC1
• Precedence: Priority
• DSCP Bits: 001110
The Geospatial Web Services depend on time synchronisation to ensure that services
are still valid (e.g. not expired). Therefore the Distributed Time Services shall be
operational, and the system clocks synchronised.
The Geospatial Web Services depend on the Domain Name System (DNS) services to
locate federated Geospatial Web Services on the network. Therefore the DNS services
shall be operational and host names resolvable. The Geospatial Web Services servers
DNS names shall be available to the contributing participants.

26 October 2018 Page 15

Service Instructions for Geospatial Information 8 Requirements

8 Requirements
8.1 Service Requirements

No Requirement
REQ-486 (NEW) The Web Map Service Consumer shall be able to request over a network and display selected map
images.
REQ-487 (NEW) The Web Map Service Provider shall respond to requests for selected map images over a network.
REQ-488 (NEW) The Web Feature Service Consumer shall be able to retrieve, display, create and modify spatial
features over a network.
REQ-489 (NEW) The Web Feature Service Provider shall respond to requests to retrieve, create and modify spatial
features over a network.
REQ-490 (NEW) The Web Map Tile Service Consumer shall be able to request and display pre-rendered
georeferenced map tiles over a network.
REQ-491 (NEW) The Web Map Tile Service Provider shall respond to requests for pre-rendered georeferenced map
tiles over a network.
REQ-492 (NEW) The Web Coverage Service Consumer shall be able to retrieve and display multi-dimensional
coverage data.

8.2 Security Requirements

Security Measures / Technical Requirements

REQ-618: Malware Protection for Server
REQ-689 Mandatory: Protection against malicious software is required to include, anti-virus (AV), anti-spyware,
anti-phishing.
REQ-690 Mandatory: using a second, different malware product employing a different detection/protection method
running in the DMZ (i.e. gateways) compared to the malware protection running in the internal network.
REQ-628: TLS and SSH
REQ-700 Mandatory: All network traffic is to be encrypted except for well-defined exception as defined in the
instantiation instructions.
REQ-701 Mandatory: Management of all ICT devices to employ appropriate security (e.g. TLS/SSL).
REQ-702 Mandatory: the version of TLS/SSH identified in the Service Interface Profile (SIP) for TLS is to be
employed.
REQ-629: Strong Authentication
REQ-703 Mandatory: Strong authentication is required for all CIS system administrators and CIS privileged users with
logical access to sensitive/critical resources.
REQ-705 Recommended: Strong authentication is to be used for all users with access to CIS resources.
REQ-633: Intrusion Detection and Prevention System (IDS/IPS) - Host (H) Based
REQ-712 Mandatory: nationally approved host-based IDS/IPS to the level of the classification of the network are to be
deployed.
REQ-713 Recommended: Detection signatures are shared with other affiliates.
REQ-636: (Web) Application Firewall and Other Proxy / Reverse Proxy
REQ-719 Recommended: Implement application firewall and reverse proxy.
REQ-637: System and Security Logging & Auditing - Infrastructure and Servers

26 October 2018 Page 16

Service Instructions for Geospatial Information 8 Requirements

REQ-720 Mandatory: All logging and auditing is to be in line (at least) with national requirements.
REQ-721 Mandatory: Log & audit files are to be held centrally and are to be retained according to National/NATO
regulations.
REQ-722 Mandatory: The standardization of the event log format and the correlation of logs from multiple systems;
the automated smart analysis and automated identification of security events.
REQ-638: System and Security Logging & Auditing - Applications
REQ-723 Mandatory: All logging and auditing is to be in line (at least) with national requirements.
REQ-724 Mandatory: Log & audit files are to be held centrally and are to be retained according to National/NATO
regulations.
REQ-725 Mandatory: The standardization of the event log format and the correlation of logs from multiple systems;
the automated smart analysis and automated identification of security events.
REQ-654: OS security settings
REQ-760 Mandatory: installation of either NCIRC security settings or national equivalent (of at least the same
strength).
REQ-660: Time Synchronization (e.g. NTP)
REQ-770 Mandatory: time shall be kept synchronized in order to (for e.g.) be able to create security audit trails
throughout the federation. The time difference between any two devices active in the federation should
never be higher than 1s. Time stamps for audit records shall be recorded so they can be mapped to UTC.

26 October 2018 Page 17

Service Instructions for Geospatial Information 9 Procedures

9 Procedures
9.1 Federated Geospatial Information Management Process
The Federated Geospatial Information Management Process establishes and maintains the federation of Geospatial Services
in a federated Mission Network.

Process Steps
Activity Role
Provide Web Map Service Service Provider
Provide Web Feature Service Service Provider
Provide Web Map Tile Service Service Provider
Provide a central geospatial data portal Mission Network Service Management
Provide a central geospatial data portal to share information about Authority
availability of geospatial products (maps, layers, schemas, etc,) in a
federation.
Monitor adherence of standard compliance Mission Network Service Management
Authority

26 October 2018 Page 18

Service Instructions for Geospatial Information 10 Roles and Responsibilities

10 Roles and Responsibilities

The table below presents the list of activities performed by roles.

Role Activities
Service Provider Federated Geospatial Information Management Process

• Provide Web Map Service

Mission Network Service
Management Authority
• Provide Web Feature Service
• Provide Web Map Tile Service
Federated Geospatial Information Management Process
• Provide a central geospatial data portal
• Monitor adherence of standard compliance

26 October 2018 Page 19

Service Instructions for Geospatial Information 11 Configuration Options

11 Configuration Options
11.1 Geospatial Information Service Management Authority Form

WMS Provider
1a WMS URL
1b WMS Port (if specified)
1c WMS Compliance ❒ Yes  ❒ No  
1d WMS Compliance
Organization

WFS Provider
2a WFS URL
2b WFS Port (if specified)
2c WFS Compliance ❒ Yes  ❒ No  
2d WFS Compliance Organization

Legend
Field 1a ➡ The URL of the Web Map Service.
Field 1b ➡ The port used by Web Map Service.
Field 1c ➡ WMS Compliance
Field 1d ➡ Compliance Organization.
Field 2a ➡ The URL of the Web Feature Service.
Field 2b ➡ The port used by Web Feature Service.
Field 2c ➡ WFS Compliance
Field 2d ➡ Compliance Organization.

11.2 Geospatial Information Service Provider Form

WMS Provider
1a WMS URL
1b WMS Port (if specified)
1c WMS Version
1d WMS Namespace
1e STANAG Compliance ❒ Yes  ❒ No  
1f OGC Compliance ❒ Yes  ❒ No  

WFS Provider
2a WFS URL
2b WFS Port (if specified)
2c WFS Version
2d WFS Namespace

26 October 2018 Page 20

Service Instructions for Geospatial Information 11 Configuration Options

2e STANAG Compliance ❒ Yes  ❒ No  

2f OGC Compliance ❒ Yes  ❒ No  

WMTS Provider
3a WMTS URL
3b WMTS Port (if specified)
3c WMTS Version
3d WMTS Namespace
3e STANAG Compliance ❒ Yes  ❒ No  
3f OGC Compliance ❒ Yes  ❒ No  

Legend
Field 1a ➡ The URL of the Web Map Service.
Field 1b ➡ The port used by Web Map Service.
Field 1c ➡ The version of Web Map Service.
Field 1d ➡ The namespace of Web Map Service.
Field 1e ➡ STANAG Compliance
Field 1f ➡ OGC Compliance
Field 2a ➡ The URL of the Web Feature Service.
Field 2b ➡ The port used by Web Feature Service.
Field 2c ➡ The version of Web Feature Service.
Field 2d ➡ The namespace of Web Feature Service.
Field 2e ➡ STANAG Compliance
Field 2f ➡ OGC Compliance
Field 3a ➡ The URL of the Web Map Tile Service.
Field 3b ➡ The port used by Web Map Tile Service.
Field 3c ➡ The version of Web Map Tile Service.
Field 3d ➡ The namespace of Web Map Tile Service.
Field 3e ➡ STANAG Compliance
Field 3f ➡ OGC Compliance

26 October 2018 Page 21