Overview
Two allied intelligence agencies need to share tactical assessments on a joint operation without exposing their broader source networks or internal case files. One agency operates at a higher classification than the other, and national law prevents raw data from leaving its jurisdiction. COI Services solves this by creating an isolated shared namespace where each participating organisation sees only the data its membership tier and release markings permit.
This controlled sharing model is common across defence coalitions, cross-border law enforcement task forces, and multi-authority financial crime units. All three sectors need the ability to work together on a specific problem without general data cross-contamination, and COI Services provides exactly that boundary through Attribute-Based Access Control backed by PostgreSQL-enforced multi-tenant isolation.
Key Features
COI Namespace Isolation
Each Community of Interest operates in an isolated environment with separate data boundaries. Enforced isolation prevents data leakage between communities while enabling controlled sharing within COI membership. Namespaces carry their own encryption context and cannot be queried across boundaries without explicit federation approval.
Membership Management
Role-based membership with Owner, Manager, Member, and Observer tiers. National authority approval workflows govern membership changes. Automated credential provisioning and revocation keep access aligned with membership status. Complete audit trails record every membership lifecycle event, satisfying EDF and PESCO compliance requirements for multi-national operational trust.
Data Sharing Policies
Attribute-Based Access Control applies release markings and handling instructions (RELTO, EYES ONLY) at data access and query time. Cross-COI query federation with access control mediation enables controlled information discovery across community boundaries without exposing raw source data.
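A query-time release-marking check of the kind described above, as an added example; it is not COI Services code. The classification ordering, the attribute names, the rule that the originating nation can always read its own item, the treatment of EYES ONLY as a narrowing of RELTO, and the nation codes and COI ids are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed classification ordering, constructed for this example.
LEVELS = {"UNCLASSIFIED": 0, "RESTRICTED": 1, "CONFIDENTIAL": 2, "SECRET": 3}

@dataclass(frozen=True)
class Subject:
    nation: str        # attribute asserted by the member's identity provider
    clearance: str
    coi_tiers: dict    # COI id -> tier (Owner, Manager, Member, Observer)

@dataclass(frozen=True)
class Item:
    coi_id: str
    originator: str    # nation that produced the item (assumed attribute)
    classification: str
    relto: frozenset = frozenset()      # RELTO: nations it may be released to
    eyes_only: frozenset = frozenset()  # EYES ONLY: narrows RELTO when set

def decide(subject, item):
    """Return (permit, reason). Default deny: every rule must pass."""
    if subject.coi_tiers.get(item.coi_id) is None:
        return False, "not a member of this COI"
    # Fail closed on markings the policy does not recognise.
    if item.classification not in LEVELS or subject.clearance not in LEVELS:
        return False, "unrecognised marking"
    if LEVELS[subject.clearance] < LEVELS[item.classification]:
        return False, "clearance below classification"
    if subject.nation not in item.relto | {item.originator}:
        return False, "nation not in RELTO"
    if item.eyes_only and subject.nation not in item.eyes_only:
        return False, "excluded by EYES ONLY"
    return True, "permit"

def filter_results(subject, items):
    """Apply the decision at query time; return visible items and audit records."""
    visible, audit = [], []
    for item in items:
        permit, reason = decide(subject, item)
        audit.append((item.coi_id, item.classification, permit, reason))
        if permit:
            visible.append(item)
    return visible, audit

# Constructed sample data: nation codes AAA/BBB/CCC and the COI ids are placeholders.
ITEMS = [
    Item("op-1", "AAA", "SECRET", frozenset({"BBB"})),
    Item("op-1", "AAA", "CONFIDENTIAL", frozenset({"BBB", "CCC"}), frozenset({"AAA", "BBB"})),
    Item("op-1", "AAA", "TOP-SECRET-TYPO", frozenset({"BBB"})),
    Item("op-2", "AAA", "RESTRICTED", frozenset({"BBB"})),
]
```

Every decision, including denials, lands in the audit list, so a reviewer can see why an item was withheld without the item itself being exposed.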
Cross-National Collaboration
Real-time operational picture sharing within COI boundaries supports joint situational awareness. Structured message exchange enforces classification at every step. Collaborative document editing includes version control and CRDT-backed offline capability for operators in degraded connectivity environments. Multi-national operations can maintain coordinated awareness even when networks are intermittent.
Classification Enforcement
Automated classification marking is applied to all shared data with appropriate handling instructions. Data products inherit classification from source materials. Declassification workflows support both time-based and event-based triggers, with every decision logged to the immutable audit trail.
Use Cases
- Multi-National Operations: Participating nations share operational intelligence through controlled COI channels while maintaining data sovereignty and national classification authority.
- Inter-Agency Task Forces: Agencies with different classification authorities share case-specific intelligence without merging their broader databases.
- Joint Investigation Teams: Cross-border investigations share evidence and analytical products within security boundaries, with full provenance tracking for court admissibility.
- Coalition Operations: Multinational coalition activities benefit from real-time situational awareness and structured information exchange without compromising national intelligence sources.
Integration
Supports federated operations across organisational boundaries with access control mediation. Compatible with NATO data sharing standards for classification labelling and attribute-based access control. All COI activity writes to PostgreSQL as the primary store, with organizationId scoping enforced on every query.
Open Standards
- NATO STANAG 4774 Ed.1 / STANAG 4778 Ed.1, Confidentiality Metadata Label Syntax and Metadata Binding. COI data releases carry classification labels conformant with STANAG 4774, with cryptographic bindings applied per STANAG 4778 so receiving allied systems can verify label integrity and authorised provenance before accepting shared payloads.
- EU Council Decision 2013/488/EU, Security Rules for Protecting EU Classified Information. Governs EU RESTRICTED and EU CONFIDENTIAL markings applied to shared COI data in EDF/PESCO and joint NATO-EU contexts, ensuring handling obligations are encoded in the metadata that travels with each shared asset.
- XACML 3.0 (OASIS), eXtensible Access Control Markup Language. The Attribute-Based Access Control policy model used to evaluate release markings, handling instructions (RELTO, EYES ONLY), and membership tier at query time is expressed in XACML semantics, enabling policy definitions to be audited and exchanged with allied ABAC-capable enforcement points.
- SAML 2.0 (OASIS), Security Assertion Markup Language. Cross-organisational identity federation for COI membership credentials relies on SAML 2.0 assertions, allowing participating nations to authenticate members through their own national identity providers without centralising credentials in the COI platform.
- OAuth 2.0 / JWT (RFC 6749 / RFC 7519), Open standard authorisation framework and token format. API access to COI namespaces, shared intelligence feeds, and membership management operations is governed by scoped OAuth 2.0 tokens carrying tenant and clearance claims, validated at every service boundary.
- CRDT (Conflict-free Replicated Data Type), the coordination-free consistency model used for collaborative document editing within COI workspaces, enabling offline-capable co-authorship across degraded-connectivity environments without central lock management.
- GraphQL (June 2018 specification), the query and mutation protocol through which COI namespace operations, membership management, shared intelligence queries, and classification enforcement results are exposed to authorised consumers.
Last Reviewed: 2026-02-05 Last Updated: 2026-04-14