On this page you'll find summaries of all of the whitepapers published by Isode. Click on the buttons below to bring up whitepapers relevant to your area of interest.


Filter by Product Area:


Measuring and Analysing STANAG 5066 F.12 IP Client

STANAG 5066 Annex F Section 12 defines an IP Client specification. This is the only mandatory element of Annex F, giving a clear implication that this is seen as a preferred mechanism for supporting applications running over HF. This whitepaper looks at requirements for IP applications over HF. It then analyses the F.12 IP protocol specification. Then a set of measurements are reported on using a pre-release version of Isode’s Icon-PEP product. Finally, overall analysis and recommendations to NATO are made. While the F.12 specification has some utility, this analysis suggests that it is a sub-optimal approach for general provision of IP services over HF.

Measurements of S5069 and S4539 waveforms with varying interleavers over a Channel Simulator

This whitepaper describes measurements of HF Modem transmissions over a channel simulator using Collins modems and simulator. It investigates the impact of varying Interleaver for STANAG 4539 and STANAG 5069 waveforms. These measurements indicate significant benefits for longer Interleavers.

Naval XMPP Road Map

XMPP is an increasingly important communication technology for military communications, supporting real time group communication. Isode provides a military XMPP solution based on its M-Link family of XMPP server products, which can be used with any XMPP client, including NATO JChat client and Isode Swift, which has a number of military-oriented features. Naval deployments have requirements which cannot be addressed by general purpose XMPP solutions. Isode has developed and standardized a number of XMPP capabilities that are critical for Naval XMPP deployments, which are summarized here. These features are currently unique to Isode. Evaluating large scale Naval deployment of XMPP has identified a number of additional requirements and this white paper describes how Isode plans to address these requirements with new M-Link capabilities.

Measuring Performance of Messaging Protocols for HF Radio

This white paper shares measurements of performance of selected HF Messaging Protocols: ACP 142, CFTP and SLEP. These protocols and other messaging protocols are described in the companion white paper Messaging Protocols for HF Radio. Optimizing throughput over HF is the key challenge for bulk protocols such as messaging. The primary measurements in this paper look at throughput for vary link speeds, error rates and message sizes, using Isode’s STANAG 5066 and messaging products. Some latency measurements are also made.

Messaging Protocols for HF Radio

This white paper looks at different messaging protocols for use over HF Radio. HF Radio has awkward operational characteristics. It is an unreliable and highly variable channel. In order to provide good messaging communications, specialized messaging protocols are necessary. Standard messaging protocols are unsuitable.

Isode Strategy for HF, STANAG 5066 and Applications over HF

This whitepaper sets out Isode's strategy for HF Radio. It summarizes the importance of HF Radio, why HF has implications from Antenna to Application and how this is addressed by Isode's "Everything above the Modem" strategy and partner approach to providing a complete solution. The paper looks at Isode's product set for HF, with particular focus on innovative capabilities, research and Isode led standardization. As well as current Isode product functions, it gives a Road Map for future products and capabilities.

Operating XMPP over HF Radio and Constrained Networks

Radio and Satellite networks often have constrained bandwidth, high latency and difficult operational characteristics. HF Radio, which is the primary alternative to Satellite for Beyond Line of Sight (BLOS) communication has particularly awkward characteristics. This paper looks at the problems of deploying XMPP over such networks and shows how XMPP can be effectively deployed in such environments. It describes standards that have been developed to support constrained operation and how these are supported in Isode’s M-Link products.

STANAG 5066 Application Protocol Series

STANAG 5066 is a NATO Standard providing a link level service for HF Radio, the latest version is Edition 3 of December 2010. The S5066-APP series of documents sets out protocol specifications that operate over STANAG 5066 and communicate with STANAG 5066 servers using the SIS protocol. These protocols provide value add to the core STANAG 5066 service.

Reducing Turnaround Times in STANAG 5066

Turnaround time in STANAG 5066 systems is generally measured in seconds or tens of seconds. This significantly impacts performance and makes it impossible to optimize for both throughput and latency. This paper examines why operational turnaround is slow and shows how it can be reduced to 150-200 milliseconds.

TDMA vs. Token Ring (Annex L) for STANAG 5066

Token Ring and TDMA (Time Division Multiple Access) are the primary choices for enabling multiple nodes to share an HF link with high utilization. Token Ring has been standardized as Annex L of STANAG 5066, and there is a placeholder in Annex M for TDMA. This paper analyses the relative merits of TDMA and Token Ring. It concludes that Token Ring is the better approach for HF, and that current NATO standardization effort should be directed towards improving Token Ring operation rather than adding a new TDMA standard.

Architecture for IP Application Services over HF Radio

HF Radio provides Beyond Line Of Sight (BLOS) communications and is a critical communications link, particularly for military applications. Traditional HF applications have operated closely with the HF networks, including point to point communications and broadcast, in particular Naval BRASS (Broadcast and Ship to Shore). HF is a difficult communications medium. Radio propagation is unpredictable and unreliable. Speeds can be as low as 75bps and latency is high. New technologies, and in particular Wideband HF have potential to improve HF communication, opening up new possibilities for HF use by a range of applications. Modern applications are IP based, and it is highly desirable to use these applications without modification for communication over HF Radio. This whitepaper sets out an architecture to achieve this.

STANAG 5066 Update Plan

NATO is putting in place a Program of Work to update STANAG 5066, this whitepaper sets out Isode’s thinking on what the plan should be. Much of this is referencing and collecting previous material into a single location. The goal is to help develop a good plan for STANAG 5066. The items described in the core of this document are made as strong recommendations for changes that are seen as straightforward and low risk. Isode believes that change to the Crypto Interface and TDMA should also be considered.

STANAG 5066 Extension Protocol Series

STANAG 5066 is a NATO Standard providing a link level service for HF Radio, the latest version is Edition 3 of December 2010. There are a number of issues with the current specification, particularly in relation to its use with the new Wideband HF (WBHF) specifications. NATO is aware of the need to update STANAG 5066 and has expressed intention to do so. The S5066-EP document series is intended to address the open issues prior to an official update and provides a set of extensions that can be used in conjunction with STANAG 5066 edition 3. The intent is that vendors and those procuring systems can reference these specifications, prior to this capability being available to NATO.

Providing XMPP Trunking with M-Link Peer Controls

Standard XMPP uses fully meshed federation for communication between servers. This whitepaper looks at scenarios where fully meshed communication has significant drawbacks, sets out an alternative XMPP Trunking architecture and shows how the peering control capability provided by M-Link can provide this.

ACID Multi-Master Replication in M-Vault Directory

This whitepaper looks at the approach taken to supporting multi-master replication in the Isode M-Vault directory server product. The paper looks at how ACID (Atomicity, Consistency, Isolation, Durability) database requirements are addressed by the approach taken, and sets the approach in the context of other techniques used in distributed directories.

M-Link Archive and Search

This whitepaper describes the new Archive capability in M-Link, and how it enables searching of archive data by end users and operators. It describes operator and management capabilities, including archiving, search, storing statistics history and how very long term archiving can be achieved using PDF/A storage.

Measurements of Skywave HF Radio Intermediate Term Variation and Implications for Optimizing Link Performance

This whitepaper describes the results of Over The Air (OTA) HF Radio Skywave tests looking at the effects of Intermediate Term Variation (ITV), and considers how these results can be used to improve the performance of applications running over HF Radio. The tests were performed in conjunction with Rockwell Collins using both narrow band and wideband HF. The results were initially reported in a paper presented at the HF Industries Association (HFIA) meeting in Portsmouth in September 2014..

Military Forms using XMPP

This whitepaper looks at the requirements for military forms and how XEP-0346 “Form Discovery and Publishing”(FDP) can be used to address these requirements. The paper looks at how capabilities provided by M-Link products support military forms using FDP, and how gateways can enable integration with other services.

Using OCSP, LDAP & HTTP for Certificate Checking

When using digital signatures in secure applications, Public Key Infrastructure (PKI) is used to validate digital signatures with a sequence (trust chain) of certificates from the local trust anchor to the certificate of the entity being validated. Each of the certificates in the trust chain needs to be checked in order to verify that it is currently valid. This whitepaper looks at the options for checking certificates and considers issues with each of these. It then looks at the Online Certificate Status Protocol (OCSP) and HTTP capabilities provided by Isode's M-Vault product, that directly support standardized certificate checking options and the benefits of this integration. Finally, the paper looks at supporting PKI for deployments on constrained networks, and shows how this can be cleanly addressed.

Optimising STANAG 5066 Parameter Settings for HF and WBHF

When using STANAG 5066 to communicate over HF Radio and Wide Band HF (WBHF), transmit speed and other parameters can be modified to optimize performance. This paper describes ongoing Isode research on possible new approaches to give better performance for traditional and modern applications.

Peering Controls in M-Link Edge

Peering controls are central to the difference between M-Link Edge and other products in the M-Link family. Peering controls can be used to support use of these products with XMPP Gateways and Guards and generally to control traffic handled. Peering controls can also be used to support constrained networks and integration with XML Guards. This whitepaper explains how peering controls work, and how they are used in Isode's XMPP server products.

Interconnecting XMPP and IRC

This whitepaper looks at how IRC (Internet Relay Chat) and XMPP (eXtensible Messaging and Presence Protocol) text chat services can be interconnected. It describes both services briefly and then looks at how a number of existing IRC/XMPP gateways work. It then describes the aproach taken by Isode's M-Link IRC Gateway. looking at operational, security and migration benefits of this aproach.

Federated Multi-User Chat

XMPP (the Internet Standard eXtensible Messaging and Presence Protocol) Multi-User Chat (MUC) is normally provided by a single server, with clients accessing a MUC Room via their local XMPP servers. This standard approach gives performance and resilience problems when operating over constrained networks. This paper looks at how federating the MUC service can address these problems. Isode's approach to Federated MUC as implemented in the M-Link XMPP server is described in the context of evolving XMPP standards, and benefits of Federated MUC for purposes other than Constrained Networks are considered.

M-Vault Failover & Disaster Recovery

This whitepaper looks at how Isode's M-Vault directory server provides failover capabilities in support of disaster recovery using a single master approach. It looks at requirements for replication, and describes the architecture of Isode's approach and how this addresses disaster recovery requirements.

XMPP Boundary and Cross-Domain Protection

This whitepaper looks at approaches for checking XMPP (Internet Standard eXtensible Messaging and Presence Protocol) traffic at organizational and other operational boundaries. It looks at the requirements on various approaches, and shows how Isode’s M-Link products can be used in these approaches.

Performance Measurements of Application using IP over HF Radio

This paper sets out the results of measurements made when running applications and layer protocols to support applications over IP via HF Radio using STANAG 5066. The goal of this work was to get a quantitative measure of the performance impact of using applications running over IP over HF Radio in comparison with applications running directly over specialized HF Radio protocols. This paper concludes that the performance impact of using IP is massive, with small message latency increase from at typical value of 6-20 seconds using applications optimized for HF to a smallest measured value of 89 seconds when using IP.

STANAG 5066 Performance Measurements over HF Radio

This whitepaper sets out the results of measurements done by Isode of STANAG 5066 over military HF Modems and emulated HF Radio. These test show that good line utilization can be achieved (83-94 %) for speeds ranging from 75 bits/second to 9600 bits/second. To achieve this, care must be taken with how the application uses STANAG 5066. The characteristics of HF Radio are unique, with implications on all of the higher layers and applications. This paper gives useful information to those building applications for HF Radio and for those deploying such applications.

Using Security Labels to Control Message Flow in XMPP Services

XMPP is widely used by military and government organizations with stringent security requirements, where it is critical to ensure that sensitive information is not sent to inappropriate individuals or domains. Security Labeling is the mechanism of choice for handling sensitive information in high security environments. This paper looks at the use of Security Labels in conjunction with XMPP services, and how Isode is enhancing its M-Link product to provide Security Label based controls for user to user messaging and for Multi-User Chat (MUC).

Using Security Labels for Directory Access Control and Replication Control

This paper looks at how Security Labels can be used to provide security and management benefits to directory services. It shows how Security Labels can be used to control access to data based on the Security Clearance of the user accessing the directory, and how Security Labels can be used to control access to directory services and selective directory replication.

STANAG 5066: The Standard for Data Applications over HF Radio

STANAG 5066 is a NATO specification for running data applications over HF Radio. STANAG 5066 operates over an HF modem, and provides an interface for data applications to use and share an HF modem. It provides core data link services to enable applications to operate efficiently over HF radio, and specifies a protocol that enables a clean separation between applications and modem/radio level. This paper describes STANAG 5066, and shows why it is key to deploying applications over HF Radio.

Password Policy for Directories

In this whitepaper we look at password policy for directories, its major capabilities, benefits, how it is integrated into other applications and how it is used. M-Vault implements a comprehensive set of password policy features, and so this paper covers all features which are likely to be of interest. The paper focuses on showing how features appear to the end user and can be used and controlled by an administrator.

ACP 133: The Military Directory Standard

ACP 133 is the NATO Standard for Military Directory: "Common Directory Services and Procedures". The current version is "Edition D", published in July 2009, which is supported by the Isode product set. This whitepaper gives a short summary of ACP 133 aimed at readers with some familiarity with directory services.

Using Active Directory as part of a Distributed Directory

There are many situations that require large distributed directories using LDAP (Lightweight Directory Access Protocol) and/or X.500, such as Government, Military and Aviation. Organizations building these distributed directories will often be making use of Microsoft Active Directory (AD). AD provides a number of key functions in a Microsoft server network, which impact its use as part of a distributed directory. This paper explains these issues, and then looks at three different approaches to using AD in the context of a distributed directory.

Replication for Tactical Directory

Directory is an important component of Tactical Military operations. This paper looks at requirements for Tactical Directory, explains why there are special replication requirements, and that this is the only area where requirements differ significantly to other military directories.

Building a Highly Replicated Directory: The case for X.500 DISP

This whitepaper looks at issues related to replication, when building a highly distributed and replicated directory. It argues that X.500 DISP (Directory Information Shadowing Protocol) is the best solution to this problem. This paper looks particularly at military directory, which has strong requirements for highly replicated directory. The paper is also applicable to other environments.