Chief Information Officer

IC Technical Specifications

Information Security Marking Metadata

Data Encoding Specifications for Information Security Marking Metadata


This IC enterprise data encoding specification defines XML elements and attributes, associated structures and relationships, mandatory and cardinality requirements, permissible values, and constraint rules for representing electronic information security markings.

This standard supports Executive Order (EO) 13526, Classified National Security Information which “prescribes a uniform system for classifying, safeguarding, and declassifying national security information”, across national security disciplines, networks, services, and data.

This standard is a critical technical bridge between:

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.

This specification changed names and numeric designators multiple times since its inception in the late 1990's. Each version listed below supersedes the previous version.

The IC Chief Information Officer maintains this specification via the Data Coordination Activity (DCA) and Common Metadata Standards Tiger Team (CMSTT).

Data Encoding Specification Downloads

Current Version:

Mission Requirements

Information sharing within the national intelligence enterprise will increasingly rely on information assurance metadata (including information security markings) to allow interagency access control, automated exchanges, and appropriate protection of shared intelligence when necessary.

A structured, verifiable representation of security marking metadata bound to the intelligence data is required in order for the enterprise to become inherently “smarter” about the information flowing in and around it. Such a representation, when implemented with other data formats, improved user interfaces, and data processing utilities, can provide part of a larger, robust information assurance infrastructure capable of automating some of the management and exchange decisions today being performed by human beings.

Throughout the intelligence life cycle, the enterprise needs: