More and more services released in the Navelink operational environment
Navelink is an operational Maritime Connectivity Platform (MCP) run by a non-profit consortium. The platform provides secure identity management and service management and has been compared to maritime Yellow Pages or a maritime AppStore. Today, more than 100 services are registered, and the number is growing
Navelink was one of the outcomes from the STM Validation Project with the main purpose to take the MCP to a full operational level that can stand and live on its own without dependency to projects. Wärtsilä, Kongsberg and Saab together established a consortium supported by the Swedish Maritime Administration. Combitech, a Saab subsidiary, was chosen for the realization of the platform. The old STM Validation testbed is now moving to the Navelink platform and becomes truly operational. Today there are around 10 organizations connected with around 100 services.
Anders Wendel, Head of Navelink says, “We are still in the startup phase. However, we see that there is a fast-growing demand for our platform to supply authenticated service connections. The main idea is to be a major enabler for maritime services, which in their turn provides the real effects and benefits for the maritime industry. “
The developing standards related to cyber security and communication, such as IEC 63173-2 SECOM, are closely followed and implemented in the Navelink platform. The experiences gained is fed back to standardization work groups and other discussion teams, which will in the long term enhance both Navelink as a common platform for maritime users as well as standardization work for the future.
Under the hood – the technology behind
Navelink is used today both by projects based on the Sea Traffic Management (STM) concept and also continued use from former partners in STM Validation project as part of the service given to its customers. There are two essential usages of the Navelink platform:
1) Register the actor identity in a common trusted place and bind this identity to an asymmetric key-pair signed by the Navelink, this is what is called a Certificate. That means that the actor can use this certificate to prove its identity when exchanging information. The counterpart in the exchange can then verify the identity by validating the received Certificate with a common and trusted platform, Navelink.
2) The service registry lookup to actually find each other and start communicating on the digital maritime arena. If e.g. a ship wants to share its voyage plan with the VTS, the ship can search by different means, e.g. by its own route geometry and find the VTS, and then use the service VTS exposes to send the information securely to the VTS.
In the current version, Navelink encourages (in the STM concept it is required) an encrypted channel (TLS) between the two actors exchanging information, normally called transport security. In the future, it is foreseen that also the data itself is signed. The signing of data also requires an identity bound to asymmetric key pair, and the possibility for the receiver to verify the signature. Navelink is already today updated to enable this feature, including the possibility for the actor to keep the private keys safe and get the public keys signed by and registered in Navelink Identity Registry.