Abstract: This Inspection and Sanitization Guidance (ISG) for National Imagery Transmission Format (NITF) document provides guidelines and specifications for developing file inspection and sanitization software for NITF files, which are formally defined by the National Imagery Transmission Format Standard (NITFS). The latest NITF 2.1 standard is defined in MIL-STD-2500C. NITF files contain numerous segments of data that include images, graphics, text, as well as custom data in a strict format. As with prior ISG documents, this document is concerned with data hiding, data disclosure, and data attack risks. For example, although the NITF standard is well-defined and contains detail down to the byte level, there remain fields that include metadata, conditional information, and variable length content that require inspection to ensure nothing is hidden within the file. The nature of NITF files is to include a variety of imagery and associated data that could potentially be displayed to an end user. Information can be selectively displayed to the user based on capability and the information that was requested. With potentially a large amount of data located in these files, inspection and sanitization is key to ensuring that information contained in the file is authorized for display to the user and that the data cannot be used to attack the system.
Date Published: 18 January 2018
Last Reviewed: 12 January 2018
Dissemination Control: N/A
Length: 79 page(s)