Enterprise Architecture
Unified Profile for DoDAF and MODAF (UPDM)
Strategies, Policy, Governance, and Implementation
DoD and Federal Departments
15 July 2011
Walt Okon
Senior Architect Engineer
Architecture & Infrastructure Directorate
Office of DoD [email protected]
703-607-0502
Future of Architecture
Secure Information Sharing
It is imperative to effectively and securely exchange information among components, Federal agencies, coalition partners, foreign governments and international organizations as a critical element of our efforts to defend the nation and execute national strategy.
Effectively Securely Exchange Information
Secure Information Sharing
The use of architecture techniques ensures alignment, clarity, and interoperability across information sharing initiatives and Information Sharing Environments (ISEs).
Architectures enable Departments and agencies to eliminate redundancies by identifying information sharing services that may be implemented and shared internal to DoD and, potentially, across the Federal Government.
Architectures Enabled
Secure Information Sharing
DoD is implementing services for IS that employ Enterprise Services (ES), including service registration, authentication, attribute-based access control, directory services, metadata registration, federated search, and collaboration.
DoD is partnering with the IC on initiatives, e.g., service definition and implementation, metadata descriptions, the Universal Core context-independent framework, and cross-domain solutions.
Elements of Quality Architecture
Common Architecture Framework Approach
• Single Architecture Framework
• Policy, Direction, Guidance
• Exchange
• Architecture Tools
• Certified Architects
Enabling efficient and effective acquisition of hardware, software and services used by DoD in missions
DoDAF V2.0 Viewpoints Fit-For Purpose
Architecture viewpoints are composed of data that has been organized to facilitate understanding.
All Viewpoint
Overarching aspects of architecture context that relate to all models
Data and Information Viewpoint
Articulate the data relationships and alignment structures in the architecture content
Standards Viewpoint
Articulate applicable Operational, Business, Technical, and Industry policy, standards, guidance, constraints, and forecasts
Systems Viewpoint
Articulate the legacy systems or independent systems, their composition,
interconnectivity, and context providing for, or supporting, DoD functions
Services Viewpoint
Articulate the performers, activities, services, and their exchanges providing for,
or supporting, DoD functions
Operational Viewpoint
Articulate operational scenarios, processes, activities & requirements
Capability Viewpoint
Articulate the capability requirement, delivery timing, and deployed capability
Project Viewpoint
Describes the relationships between operational and capability requirements and the various projects being implemented; Details dependencies between capability management and the Defense Acquisition System process.
DoD Architecture Framework 2.0
• What it is:
– Guidance on the types of data and relationships needed to document a DoD architecture in a standard way (new in 2.0)
– Guidance on format and content for a standard set of DoDAF Described Models for describing architectures
– High level meta-process for using the DoDAF
• What it isn’t:
– A specific architecture
– A tool
– A detailed architecture development process
DoDAF V2.0 Vision
Views for the Architect
Structured Knowledge Base – Common Model
Views for Other Stakeholders
Levels of Architecture
Solution Level Architectures
Segment Level Architectures
Enterprise Level Architectures
DoD Enterprise
Capability Based
System Context
SoS Architectures
FoS Architectures
http://www.defenselink.mil/cio-nii/sites/diea/
UPDM – Unified Profile for DoDAF/MODAF
Adaptive
Artisan Software
ASMG
BAE Systems
DoD
DND
embeddedPlus
Generic
IBM
Thales
Lockheed Martin Co
Mitre
L3 Comms
MOD
NoMagic
Raytheon
Rolls Royce
Sparx Systems
VisumPoint
Selex
UPDM RFC Group
Walt Okon
DoD Support
Why do we need Exchange
UCore
“The bottom line is this: The U.S. government had sufficient information to have uncovered this plot and potentially disrupt the Christmas Day attack. But our intelligence community failed to connect those dots, which would have placed the suspect on the "no fly" list.
In other words, this was not a failure to collect intelligence; it was a failure to integrate and understand the intelligence that we already had. ”
President Barack Obama, 05 JAN 2010
11 Sep 2001 Terrorist Attacks
Haiti Earthquake
Hurricane Katrina
Japan Earthquake, Tsunami, Nuclear Risks
Middle East Pro-Democracy Movements
Christmas Day Terrorist Attempt
DoD and IC Information Sharing Initiatives
DOJ/DHS Experience in Federal, State, Local, Tribal Interoperability
Implement Lessons Learned To Achieve Operationally Significant Results
Federal Inter-Agency
State, Civil, Local
Coalition Partners
NGOs and Industry
What is UCore
Message Framework Metadata
When What
Where
Who
• XML representation Interrogatives: When, Where, Who, What
• What Taxonomy
• Common Terms
• Security markings
• Message framework
• Rendering Instructions
• Extension Guidance
UCore V2.0 Conceptual Data Model
Architecture Tools
• Guidance
– DoDAF v2.0
– Federated Architecture Strategy
– DoD IEA
• DoD Tools
– DoD Architecture Registry System (DARS)
– DoD IT Standards Registry (DISR)
– GIG Technical Guidance (GTG) Tool
– Meta Data Repository (MDR)
Vendor Tools are Necessary
Architecture Education & Training
Common Architecture Framework
Certified Enterprise Architects design the information technology architecture structure enabling the efficient and effective acquisition of hardware, software and services utilized by the DoD in missions supporting the warfighters.
Elements of Quality Architecture
Common Architecture Framework Approach
• Single Architecture Framework
• Policy, Direction, Guidance
• Exchange
• Architecture Tools
• Certified Architects
Enabling efficient and effective acquisition of hardware, software and services used by DoD in missions deliverables.
Future of Architecture
Achieving Secure Information Sharing
Information Integration Subcommittee
Identity Federation Meeting
Implement ICAM
Identity, Credential, and Access Management
Unclassified 18
Federal CIO Council
ICAM Alliances: Interagency Security Committee, NSTIC NPO, CNSS, IC IdAM, NASCIO, & More
Secure Information Sharing
Extract from FY10: Leveraging the Power of Technology
• To support this effort, the Federal Identity, Credential, and Access Management (ICAM) segment architecture provides Federal agencies with a consistent approach for managing the vetting and credentialing of individuals requiring access to Federal information systems and facilities
• The ICAM segment architecture will serve as an important tool for providing awareness to external mission partners and drive the development and implementation of interoperable solutions
Secure Information Sharing
Extract from FY12: IT Security and Privacy
• Improve Identity Management: ICAM, PIV Credentials, HSPD-12, NSTIC
• ICAM solutions leverage existing investments in the Federal Government while promoting efficient use of tax dollars when designing, deploying, and operating information technology systems
• With the majority of the Federal workforce now possessing credentials, agencies can accelerate their use of these for secure access to Federal facilities and information systems
ICAM Scope
Logical Access
Physical Access
Persons
Non-Persons
Current DOD IdAM Attribute Governance
Secretary of Defense (SECDEF)
Identity Protection Mgt Sr. Coord Group (IPMSCG) & working groups
DOD CIO
DoD CIO Executive Board
Enterprise Guidance Board (EGB)
IA Enterprise Review Group (IAERG)
Enterprise Services Review Group (ESRG)
Architecture Standards Review Group (ASRG)
Information Assurance Senior Leaders (IASL)
Identity Access Mgt Task Force (IdAM TF) & working groups
Identity Assurance & PKI (IdA/PKI) Directorate
Defense Information Systems Agency (DISA)
Joint Staff
GFM DI GOSC
GFM DI PIPWG
OUSD Personnel & Readiness (P&R)
Defense Human Resources Agency (DHRA)
Defense Manpower Data Center (DMDC)
DOD/IC Authorization Attribute Steering Committee AASC
Federal CIO Council (FICAM Subcommittee)
Legend for governance:
light blue: DOD organizations
dark blue: DOD governance bodies
grey: DOD/IC governance bodies
black: federal governance bodies
Architecture & Information Sharing
Achieving Secure Information Sharing
Office of Management and Budget
Common Approach Federal Enterprise Architecture (CA-FEA)
Dr. Scott Bernard, Federal Chief Architect
Changes in Federal Direction
Mission. Federal enterprise architects provide leading-edge advisement, analysis, and design services that align strategic priorities with mission capabilities and technology solutions.
Vision. To be trusted, knowledgeable partners with agency executives, managers, staff, and external stakeholders to help accomplish mission goals, manage change, and optimize resources through proven enterprise architecture methods.
Changes in Direction
Outcomes:
• Revitalized community that is relevant and engaged.
• Strong leadership support for the participation of architects in key initiatives.
• A diversity of views within the community are heard and considered.
• New methods for architecture that are more agile, efficient and standard.
• Updated policy to reflect new priorities, methods, and desired outcomes.
• A career path and training standards for federal enterprise architects.
Changes in Governance
• OMB, Federal CIO: Sets federal policy: EA programs, practices, reporting.
• OMB, Chief Architect: Leads federal EA community, advises Federal CIO. Runs quarterly Chief Architect Forum Meetings.
• OMB, FEAPMO: Maintains federal EA approach and does projects.
• CIO Council: Promotes federal IT community discussions, advises Federal CIO, publishes best practices and reports, maintains reference archive.
• CIO Council, AIC: Promotes best practices, supports outreach.
• AIC Sub-Committees: Promotes the development of best practices and methods in specific EA areas, supports outreach, and projects.
• AIC Outreach Sub-Committee: Runs quarterly “Architecture Plus” meetings for government and industry participants to discuss EA issues.
Changes in Approach
Strategy; Business; Information & Data; Applications & Services; Technology Infrastructure
PRM; BRM; DRM; SRM; TRM
Integrating the Federal EA Framework and Reference Models
[Figure labels: Strategic Goals; Enabling Applications; Business Services; Host Infrastructure; Data and Information; Security Controls; (SRM) (PRM) (BRM) (DRM) (TRM); Current Views; Future Views; Enterprise Plan; Transition Plan; Governance; Standards; Framework Use; Mission Success; Authoritative Reference; Resource Optimization; Functional Integration]
Common Approach to Federal EA
FEAF-II
Changes in Scope
Level; Scope; Planning Detail; Impact; Audience
Govt.-Wide Services
Sector Services
Single Agency
Multiple Agencies
Government-Wide & International
Multi G2C, G2B, G2G
U.S. & Other Governments
Multiple Agencies, Businesses, Interest Groups
National/Global Outcomes
Sector Outcomes
Medium
Medium
Agency-Wide Services
Line of Business Specific Services
Program Specific Services
General Government
Policy, Resources, Oversight, Transparency
Education & Workforce Sector
Defense & Security Sector
Law & Justice Sector
Diplomacy & Trade Sector
Economic & Financial Sector
Transport & Space Sector
Energy & Technology Sector
Environment & Natural Resources Sector
Health & Well-Being Sector
Sector designations are needed to support new services and interoperability across traditional agency boundaries.
Example: On-line Learning
Example: Energy Efficient Housing
Example: Smart-Roads
Example: Alternative Fuels
Example: Electronic Patient Records
Example: Border Protection
Example: International Legal Cases
Example: International Trade & Exports
Example: Global Economic Tracking
Central sector for general government support services and transparency
Changes in Use – Shared Services
Secure Information Sharing
Achieving Secure Information Sharing
White House
Information Sharing Environment Governance
Interagency Policy Committee
Cross Federal Information Sharing
Co Chairs: NSS / PM-ISE
DNI
DHS
DOJ
DOD
DOS
Scope
• Intelligence
• Law Enforcement
• Defense
• Homeland Security
• Foreign Affairs
I&A / POL
Information Sharing and Access IPC
Co Chairs: WH / DHS
Information and Communications Infrastructure IPC
Smart Grid
Cyber Security
Cyber Legislation
Architecture/ R&D
International
Privacy, Civil Rights, Civil Liberties
Cyber Budget
Cyber OPS
Legal
IRIS
IS&A Sub IPCs
DOD
DNI
DOS
DOJ
DHS
National SAR Initiative: DOJ BJA
Fusion Centers: DHS I&A
Watchlisting & Screening: DHS POL
Information Integration
PMISE
Privacy, Civil Rights, Civil Liberties
TREAS
TREAS
IC CIO
DoD CIO
TBD
TBD
RISS
LEISP
RISS National Policy Group
IC ISE
Information Sharing Environment Governance
Sub-Committees
Working Groups
Information Sharing & Access Interagency Policy Committee
Co-Chairs: Monte Hawkins, NSS & Kshemendra Paul, PM-ISE
Suspicious Activity Reporting
Chair: Jim Burch (DoJ/BJA)
Fusion Center
Chair: Bart Johnson (DHS)
Vice Chair: Owen Harris (FBI)
Information Integration
Chair: David Bray (PM-ISE)
Watchlisting & Screening
Chair: Monte Hawkins (NSS)
Assured SBU Network Interoperability Working Group
Chair: Kevin Heald
Assured Secret Network Interoperability Working Group
Chair: James Beagles (DHS)
Paul Grant (DoD CIO); Chuck Kosak (USD(P)); Karen Riggs (JS)
• Chuck Kosak (USD(P))
• Mike Reheuser (DPCLO)
• Regina Piper (DoD CIO)
Data Aggregation Working Group
Chair: Donna Roy (DHS)
Chair: Hank Bebe (DNI)
• Paul Grant (DoD CIO)
• Carl Consumano (DoD CIO)
• Paul Grant (DoD CIO)
• Carl Consumano (DoD CIO)
• Matt Taveres (HD&ASA)
• Adam Gorowitz (USD(P))
• Stephanie Beavers (HD&ASA)
• Paul Grant (DoD CIO)
• Walt Okon (DoD CIO)
Nominations Database Enhancements
Encounters Screening
Audit
Information Technology
ISE Privacy Guideline Revisions
Privacy, Civil Rights & Civil Liberties
Chair: Alex Joel (DNI)
HSPD-24 National Security Threat
HSPD-6 International Outreach
Standards Working Group
Chair: Walt Okon (DoD)
Federal Shared Services Strategy
Shared Service Working Group
Office of Management and Budget
Office of E-Government & IT
Shared Services: Part of the IT Reform Agenda
Reform Item #6: Develop a Strategy for Shared Services
History of Shared Services
1996: Clinger-Cohen
2001: Quicksilver
2002: E-Government Act
2003: E-Gov Initiatives, Initial 25
2004: Lines of Business, Initial 5 (HR, GM, FM, FHA, CM)
2006: Lines of Business, Round 2 (Geo, BFE, ITI, ISS)
2008: E-Gov Initiatives, Round 2 (DAIP, ITDS, IAD-Loans/Grants)
2009: Payroll Consolidation Completes
2010: Cloud-First
2011: GAO Report: Opportunities to Reduce Potential Duplication
2011: Shared Services
What is a Shared Service?
Shared Service
Producer
Consumers
Provider
Roles: Provider, Producer, Consumer
Sources: Internal or external to the agency (government or commercial).
Shared Service Concept
Public Clouds
Federal Clouds
Collaboration
Content Management
Cloud eMail
Others
Virtual Meeting
SUPPORT SERVICE SECTOR
MISSION SERVICE SECTORS
Education & Workforce
Health & Well-Being
Defense & Security
Diplomacy & Trade
Economic & Financial
Environment & Natural Resources
Transport & Space
Energy & Technology
enablers
First focus on support sector services, as this has the greatest initial potential for lowering duplication & waste.
Shared Service Delivery Channel Continuum
Agency Level Shared Services
Departmental-Level Shared Services
Agency Level Decentralized
Departmental Decentralized
Existing Shared Services Centers of Excellence
Expansion of COEs
Pure-Play Cloud PaaS, IaaS
Private Sector Shared Provider – Cloud/SW/Svcs
SaaS
Delivery Channels & Considerations
Delivery Considerations
• Is the service commercially available?
• Are there security, privacy, classified requirements?
• Does the agency need to be a provider?
• How does a provider agency meet customer needs?
Questions
Walt Okon
Senior Architect Engineer
Architecture & Infrastructure Directorate
Office of DoD [email protected]
703-607-0502
Secure Information Sharing