Data Protection (S-100/S-57 )

Introduction

The IHO Data Protection Scheme defines security constructs and operating procedures that must be followed by Data Servers (providers of data) and Data Clients (systems that use the data).

The purpose of data protection scheme is to provide:

1. Piracy Protection: i.e. to prevent unauthorised use of data by encrypting the ENC information.
2. Selective Access: i.e. to restrict access to ENC information to only those cells that a customer has been licenced for.
3. Authentication: i.e to provide assurance that the ENC data has come from approved sources

There are currently two IHO security schemes. The S-63 Scheme, is used for ENC's and ECDIS based on the S-57 Standard. The S-100 Scheme (currently being implemented for testing), is intended for S-100 based products (e.g. S-101, S-102 etc).

Please note that the IHO is currently in the process of updating our OEM and Data Server agreements and process. As part of our new process, we are recommending that OEMs developing new S-63 and S-100 compatible display system use the generic M_ID and M_KEY codes provided in S-64 and S-164.

Please use the provided link here to download the generic credentials.

Under normal circumstances the IHO will only issue final OEM credentials once an OEM is ready to launch their final product to market. If this causes  you any issues, or you feel that final OEM credentials are required for you to operate, please contact the IHO to discuss the matter further.

 

S-63 Documents and Resources

The main S-63 Documents are available in English and French and can be downloaded from the IHO Publications Download page.

  • OEM and Data Servers applications should now be submitted via the IHO Online Application Platform using the applicable S-63 and S-100 Agreements provided here.

The following agreement documents are required for both S-63 and S-100 schemes:

Annex A - Data Server Agreement (Ver.3.0.0)

Annex B -  OEM Agreement (Ver.3.0.0)

IHO Top Level Certificates

Other Resources

 

S-100 Scheme Documents and Resources

The S-100 Security Scheme is describe in Part 15 of the latest S-100 IHO Universal Hydrographic Data Model document, which is available from the IHO Publications Download page.

The OEM and Data Server Application and Agreement documents (for both schemes) are provided above;

IHO S-100 Scheme Administrator (SA) Certificates:
Compliant S-100 Edition* Note
S-100 Ed.5.2_SA Certificate Expiry date - March 2074
Expiry date - September 2051
(Testing and Implementation version)

* Please note that the IHO data protection scheme should only be applied to operation versions of S-100 based products that comply with at least Ed.5.2.x of S-100.   

Test Datasets - the S-100 Security Scheme testdata (which are based on the S-64 testdata) are included in the following zip files:

  • 1.ZIP (ref datacontent of S64 test 2.1.1) exchange set containing cells, text and picture files
  • 2.ZIP (ref datacontent of S64 test 2.2.2) exchange set containing updates to one of the cells in 1.ZIP
  • PERMITS.ZIP contains the permit file applicable for all the cells in above exchange sets with a separate signature file for the permit file.

Note: the consolidated signature file S63_SIGNATURES.XML is located in the INFO folder for 1.ZIP and 2.ZIP exchange sets.

 

Application to the Data Protection Scheme

All agreements must be electronically signed as part of the online application process. Hard copies are no longer requried. Only applications submitted via the online platform will be processed.

To begin the application, please visit the IHO Online Application Platform. For any questions or technical issues regarding the platform, please contact the IHO Secretariat at info@iho.int.

Note: to access the Data Protection Application (DPA) online form, you must have an IHO Portal account. If you do not have an account, please create one first via the link here.

 

Choose a subject

Share this page:

Last modified: 05/08/2025 - 08:45