HarrierWeb-based Client for Military Messaging
Harrier, Isode's Military Messaging client, provides a modern secure web user interface. Harrier supports Military Messaging using SMTP, STANAG 4406 and ACP 127. Harrier can also be used for general purpose email.
Military Messaging is referenced by various names, including Formal Messaging and High Grade Messaging (HGM). It has been traditionally provided by ACP 127, but SMTP and STANAG 4406 are increasingly used. An example military message displayed by Harrier is shown below.
There are superficial similarities to email, but key service differences can be seen from inspection of the example message.
- Military messages are sent between organizations (not roles or users), reflecting the “command” nature of military messages.
- Military messages have “action” and “information” recipients, which is similar to To:/Cc:, but reflects formal responsibilities.
- Action and Information recipients have independently specified precedence (e.g., “FLASH”) which inform recipients of priority.
- Harrier shows a “due time”, which is based on the precedence of the current recipient, any “reply by” time and message delivery time. This provides an indication to the recipient of when the message needs to be processed by.
- DTG (Date Time Group) shows the formal time that the message takes effect, which can be past or future. Filing time reflects when the message was submitted. Times are shown in a preferred military format with Zulu time zone.
- Security Label is associated with every message.
- Message Type, gives information on exercise/operation to which the message applies.
- SICs (Subject Information Codes) provide formal information on the nature of the message.
- This message contains an ADatP-3/APP-11 Message Text Format (MTF) which can be downloaded as an attachment for processing in a C2 (Command and Control) system.
Email and General Purpose Use
Harrier is built using modern email protocols (IMAP and SMTP) and can be used as a general purpose email interface for communication between roles or users. Harrier provides configuration options to facilitate use for email. It is likely to be of most interest to those needing Harrier features not generally available in email clients, such as security label support, exempted recipient support, and time controls.
Role-Based Mailboxes & Message Distribution
While military messaging provides communication between organizations, mailboxes are role based. Harrier supports role based mailboxes by authenticating users and then allowing the user to select a role-based mailbox that the user is authorized to access. This selection is illustrated below:
Harrier can switch between role-based mailboxes.
When a message is sent to an organization, it will be distributed to role-based mailboxes based on message content and SICs using a profiler, such as the one provided by M-Switch Profiler. Harrier will recognize messages that have been profiled and make this clear to the Harrier user, including whether the recipient is action or info (which can be controlled by the profiler). Harrier can also show a list of all action and info roles to which a profiled message was delivered.
Military Distribution Lists, which provide another message distribution mechanism, split action and info recipients. Harrier will show when a message has been expanded by a military distribution list, and whether the current mailbox is action or info.
Draft, Review and Release
Military messages often make use of a draft and release process to support formal release and approval of messages by an appropriate officer. This linear release process is complemented by a parallel review process, to support drafter-centric review. This is supported by Harrier and described in the Isode whitepaper [Isode’s Draft, Review & Release Solution].
Setting up a system with Harrier requires a good deal of supporting configuration of users, roles, lists and other components. This is done by Isode’s Cobalt product, which is described in the Isode whitepaper [Provisioning for Military Messaging Handling Systems].
Military Message Features and Compose
Harrier provides a message compose facility, which looks like a general purpose email compose with extra fields. Some of the fields in the above screenshot have already been described and others will be familiar from general purpose email. Other fields are:
- Releaser. When a message is being drafted, this specifies the releaser which may be optional or mandatory, based on policy/configuration.
- Reviewers. An optional list of reviewers, who will review the message before it passes to the releaser.
- Exempt. A list of recipients to which the message will not be delivered. This will generally be used in conjunction with distribution lists.
- Handling Instructions. Instructions for operators processing the message in transit. This is primarily for older systems which will have operators in some stages.
- Message Instructions. Instructions for message recipients, such as caveats on message printing.
- Expires. A date at which the message is no longer valid. Harrier will display this information on reception.
- Reply By. A date by which a reply is needed. Harrier will flag this information on reception and warn if the time is close.
Harrier Scan Listing
Harrier provides a scan listing of messages, shown above, sorted by precedence and filing time. Some of this is familiar from email interfaces, but some points are worth noting:
- Military Message precedence for the active mailbox is shown.
- A target processing time is shown for each message, based on arrival time, reply by time, and configurable target processing time for the message precedence.
- Security Label for each message is shown.
- An icon indicates if message was received directly, profiled, or through a distribution list. This Icon also indicates draft/review/release processing status.
- An icon indicates if the active mailbox is an action or an info recipient.
- Folders show daily message archives. Messages can be archived, but not deleted, so that messages are always retained for audit.
Harrier identifies message recipients from an LDAP Directory (Isode's M-Vault or Microsoft's Active Directory can be used). Cobalt provisioning marks directory entries as Users, Roles, or Organizations. Type of some entries is automatic, and is selected for entries which represent redirections or distribution lists.
Harrier presents this information as two distinct address books:
- Organizations. This is used for Action/Info/Exempt fields.
- Roles. This is used in the draft and release process and also for local messages between roles.
Recipient Capability Checking
Recipient capabilities may be stored in the directory entry of each recipient. Harrier will ensure that the message is compatible with those capabilities, which can include:
- Support of Attachments
- Maximum Line Length
- Maximum Message Size
- Supported Character Sets
- Checking that Recipient Security Clearance
Capability checking is particularly important when using Harrier as an interface to older messaging standards, such as ACP127, where recipients may have limited capabilities.
Security Labels selection is driven by the configured Security Policy, restricting Harrier to selecting a security label that is appropriate for the intended recipient(s). Multiple security policies can be supported, allowing the user to select the appropriate policy for the message/deployment. Two security label formats are supported:
- RFC 7444 "Security Labels in Internet Email".
- NATO Confidentiality labels following:
- STANAG 4774 "CONFIDENTIALITY METADATA LABEL SYNTAX"
- STANAG 4778 "METADATA BINDING MECHANISM"
- NATO SRD 4778.2 Chapter 3 “Simple Mail Transfer Protocol Binding Profile”
Harrier supports message signing and encryption following the S/MIME as specified in RFC 5751 “Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1”. This includes triple wrap encryption and header signing.
Support of MTF and C2
Harrier can be used to support C2 (Command and Control), which makes use of MTF (Message Text Format) data, such as ADatP-3 and OTH-Gold. Harrier provides an easy way to insert an MTF file into a message. On reception, Harrier identifies in-line MTF messages and facilitates extraction to a file.
ACP 127 Mode
Harrier may be configured in an ACP 127 Mode, which restricts messages to capabilities that an ACP 127 client can provide. When used in ACP127 mode addresses are presented as ACP 127 RI (Routing Indicator) and PLA (Plain Language Address) with SMTP addressing hidden from the user. Also, lines are limited to 69 characters, character set is restricted to ITA2 or IA5 and attachments are disabled.
Architecture and Deployment
Harrier is a Web server providing an interface, compatible with modern browsers, communicating to a Harrier web server using HTTP (REST) and Web Sockets and making use of making use of JSON, CSS, and HTML.
The diagram below shows how Harrier is deployed and how the addition of an M-Switch Gateway, to perform message conversion, allows Harrier to deployed as part of SMTP, X.400, MMHS over SMTP, ACP127, STANAG 4406 networks and constrained network (low-bandwidth/high-latency) variations.
The Harrier web server, MTA and gateway components can be deployed co-resident on a single box or separately depending on architectural choices. TLS is configured by default for all connections to provide confidentiality and integrity.