Date posted: 07-Dec-2014
Category: Data & Analytics
Uploaded by: advanced-systems-management-group
Copyright Advanced Systems Management Group Ltd. 1999-2013
INFORMATION EXCHANGE FRAMEWORK (IEF) REFERENCE ARCHITECTURE SPECIFICATION
March 2014
Presented by: Mike Abramson
President, Advanced Systems Management Group (ASMG) Ltd.
Co-chair OMG C4I Domain Task Force
Chair Information Exchange Framework (IEF)
IEF Objectives
Reference Architecture and standards for Policy-Driven Data-Centric information sharing and safeguarding (ISS) solutions that enable:
• Responsible Information Sharing
• Dynamic Interoperability
• Information Quality
• Defense in Depth
• Policy-Driven Data-Centric Capabilities
• Rapid Development and Deployment
• Standards Alignment
• Support Ecosystem
Target Audience
Communities that respond to dynamic changes in their operational environment:
• Emergency management;
• Public Safety;
• Intelligence;
• Border Security;
• National Security;
• Crisis Response; and
• Military.
Note: Although the specification of the IEF reference architecture is focused on the named domains, the resulting specification will have the potential to address the concerns of a broader set of communities that need to balance the sharing of sensitive information (private, confidential, classified and legally significant); e.g., financial services, healthcare, government services and business (e.g., countering industrial espionage).
Improving Information Quality
Deliver quality Information to decision makers:
1) Actionable
2) Accessible
3) Timely
4) Current
5) Accurate
6) Authoritative
7) Relevant
8) Meaningful
9) Complete
10) Trusted
11) Secure
12) Digestible
13) Usable
14) Concise
15) Assured
16) Auditable
Scope of Support Infrastructure & Policy Life-cycle
Systematic strategies, practices, tools that enable:
• Translation of Policy Instruments into a machine enforceable form
• Automated MDA transforms
• Policy testing, validation and certification
• Architecture Integration
• Modeling, Simulation and Analytics
• Management, Dissemination and Administration
• Governance
  – Information Governance
  – Information Management
  – Information Assurance
  – Retention of institutional memory
Architecture and Design Principles
• Policy Driven: Define practices and tools that provide traceability from policy instrument to operation
• Data Centric: Define services that enforce policy against the specific values of data elements during operation
• Separation of Concerns: Define practices and tools that separate the development of Policy from the Services that enforce them
• Policy Automation: Define services that automate the enforcement of rules derived from policy instruments
• Service Overlay: Define services that overlay existing infrastructure
• Self-protecting: Define services that protect their own sharing and safeguarding
• Modular Architecture: Define services that are self-contained, scalable and reusable; conform to well defined and open interfaces; provide implementation transparency; and conform to open standards.
• Platform Independent: Define services that promote multiple solutions, products and services
Architecture and Design Principles
• Related Standards: Define specifications and standards that reuse existing standards where possible
• Governance and Stewardship: Define practices, tools and services that produce information required by:
  – Information Governance
  – Information Management
  – Information Assurance
Focus of the IEF RA
• High level Requirements for Policy-driven Data-centric Services
  – Identity, Credential and Access Management (ICAM)
  – Access / Release decision and control
  – Information Packaging and Processing
  – Trusted Auditing
• Service Interfaces (as needed)
  – Information Dissemination Services
  – Platform/Network Security Services
  – Platform / Network Services
  – Communications Auditing Service(s)
[Diagram: IEF RA Scope]
Service Overlay
– Decision and Enforcement points for:
  • File Exchange
  • Web Services
  • Instant Messaging
  • Email
  • Structured Messaging
– Trusted Logging and Auditing Services
– Policy Management Services
– Service Administration
– Interface Specifications to Enabling Services:
  • Identity Management
  • Credential Management
  • Domain Management
  • Dissemination Services
The Reference Architecture seeks to identify concepts, practices and elements for an Information Sharing and Safeguarding capability that overlays existing information dissemination infrastructure.
Overlay that leverages pre-existing information systems and security solutions
Challenge being A
• Content Challenge
• Policy Challenge
• Governance Challenge
  – Practices
  – Traceability
• Dynamic Real-world Operations
  – Addressing changes in operational Context
Information about information: Missing in many environments
User Application
• Application Semantics
• Application Interface Specification
Exchange Environment
• Community Exchange and Service Level Agreements
• Community Interface Specifications
• Community Exchange Semantics
• Community Messaging Protocols
• Community Networking and Community Specifications
Data and Information (Semantic) Patterns
• Assembly (Aggregation, Transformation, Tagging and Marking, and Redaction)
  – Structure and data Transformations
  – Data and Information element tagging: Tags (Ownership, Security, Privacy, QoS, …)
  – Static and Dynamic Filters (Security, Privacy, QoS, …)
  – Retrieval from User Data Stores
• Processing (Parsing, Validation, Transformation and Marshalling)
  – Message and Data disassembly
  – Domain and Semantic Validation
  – Data and Structure Transformation
  – Entry into User Data Stores
Storage Environment
• Storage Semantics
• Storage Business Rules
• Store attributes and domains
• Meta tags and labels
• Data and information Relationships
• GUIDs / DB Keys
[Diagram labels: Community / User Applications; Community Agreed Exchange Standards; Business Rules; Derived from and Traceable to Policy]
Policy Life-cycle & Rules Traceability
• Implementation agnostic policy and rules vocabularies
• MDA transforms to serial rules
  – Policy Languages (e.g., XACML, SAML)
  – ETL Scripts
  – Middleware Script and Configuration
• Systematic process for translating policy instruments into machine readable and enforceable rules
• Use of modeling and simulation and analytics to test, validate and certify policy transformations
• Architecture data available for:
  – Modeling and Simulation (M&S)
  – Governance and oversight (business analytics and decision support)
  – Assurance and certification (analytics)
  – Post missions analysis (M&S, analytics, decision support)
• Policy Management and Administration
  – Dissemination to decision and enforcement points
  – Central, distributed or Local administration
• Retention of institutional memory
IEF Information Handling (Assembly and Processing)
• Assembly
  – Aggregating releasable information elements from source data
  – Transforming Source Data to NIEM Taxonomy
  – Tagging aggregated Information Elements
• Processing
  – Parsing,
  – Validating,
  – Transforming and
  – Marshaling Data Elements
• Data-centric Safeguards for data and information elements
  – Automated tagging within the information Structure
  – Redaction of data and Information elements,
  – Encrypting Information Elements
  – Channel Routing
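
The assembly and redaction steps above, sketched as a release decision and enforcement point. This is an added example, not part of the original slides or of any IEF specification; the sensitivity ordering, class names, policy checks and sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical sensitivity ordering; the slides do not define one.
LEVELS = {"UNCLASSIFIED": 0, "PROTECTED": 1, "SECRET": 2}

@dataclass(frozen=True)
class Element:
    name: str
    value: str
    sensitivity: str        # security tag carried with the element
    privacy: bool = False   # privacy tag (e.g. personal information)

@dataclass(frozen=True)
class Recipient:
    name: str
    clearance: str
    may_receive_private: bool

def releasable(el, rcpt):
    """Decision point: evaluate the element's own tags against recipient policy."""
    if LEVELS[el.sensitivity] > LEVELS[rcpt.clearance]:
        return False, "sensitivity exceeds clearance"
    if el.privacy and not rcpt.may_receive_private:
        return False, "privacy tag not releasable"
    return True, "released"

def assemble(elements, rcpt):
    """Enforcement point: build the outgoing message and an audit trail."""
    message, audit = {}, []
    for el in elements:
        ok, reason = releasable(el, rcpt)
        # Redacted elements are dropped from the message; the decision
        # is still recorded in the audit trail.
        if ok:
            message[el.name] = {"value": el.value, "tag": el.sensitivity}
        audit.append((rcpt.name, el.name, "RELEASE" if ok else "REDACT", reason))
    return message, audit

# Constructed sample data.
SOURCE = [
    Element("incident_location", "Sector 7", "UNCLASSIFIED"),
    Element("casualty_name", "J. Doe", "UNCLASSIFIED", privacy=True),
    Element("sensor_source", "Asset K-12", "SECRET"),
]
PARTNER = Recipient("partner_1", "PROTECTED", may_receive_private=False)

if __name__ == "__main__":
    msg, log = assemble(SOURCE, PARTNER)
    print(msg)
    for row in log:
        print(row)
```

An element whose tag is not in the ordering raises `KeyError`, so an unrecognised marking stops assembly instead of being released by default.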
Selective Information Sharing
Using Standard Exchange Semantics (e.g., NIEM) and Adaptive Filtering to Enable Recipient Selective Sharing of Information
Policy Automation for Semantic Assembly and Adaptive Filtering
Assembly
- Aggregation
- Tagging
- Filtering/Redaction
- Transformation
  - Vocabulary
  - Structure
Processing
- Parsing
- Validation
- Transformation
  - Vocabulary
  - Structure
- Marshall / Integrate
[Diagram labels: Partner Information System; User Information System; Redacted Message; Formatted NIEM Message; axis: Increasing Sensitivity]
Addressing Information Requirements
[Diagram labels: SA IEPD; Personnel SA IEPD/XSD; NIEM CORE & Selected Domains (Object, Item, Organization, Person, Role, Location); Metadata, Tags & Markings Rules; Information Safeguarding Rules; Information Sharing Rules; Operational Context; System, Network, & ICAM; Not Addressed; Reference Architecture]
Information Packaging Service(s)
• Service or set of services that automate information packaging policy developed using the IEPPV
  – Contract factory (formats and releases messages)
  – Information Factory (packages data)
  – Interfaces
    • Rules Import
    • Management
    • Configuration File
    • Externals Service
    • Application
    • Logging
    • Session(s) to Dissemination Services
  – IEF Service & Factory Controller
  – Policy/Rules Store
• Information Exchange Specification
  – Information Specification
    • SemanticElement
    • TransactionalElement
      – Assembly
      – Transformation
      – Redaction/Filtering
    • WrapperElement
  – Distribution Specification
Scope of the IEF
• Specify Policy Vocabularies that enable the translation of policy instruments to machine readable and executable rules
• Specify decision and enforcement points that gate access to or release of information based on active enforcement of security/privacy policy
• Specify supporting services:
  – Packaging and processing
  – Policy Management
  – The logging and auditing
  – Encryption
  – Secure Storage of data/information elements (Secure Container)
  – Secure distribution/dissemination
• Enable information sharing and safeguarding across a wide range of domain specific information domains and user defined policy models
• NEW: RFP for an IEF Reference Architecture (IEF RA)
IEF Reference Architecture
The Submissions shall include:
• Reference Architecture: defining the abstract architectural elements comprising a Policy Driven Data-Centric information sharing and safeguarding solution
• Reference Model [PIM]: illustrating an abstract framework for understanding significant relationships among the entities comprising IEF solutions.
• Platform Specific Model(s): Providing one or more platform specific models, aligning the reference architecture elements to specific standards, protocols, tools and technologies.
• Operating Concept: Describing the operating characteristics for the IEF:
  – Statement of the goals and objectives;
  – Operational conditions/contexts affecting the system;
  – Organizations, activities, processes and interactions among participants using the system;
  – Specific operational concept and processes for fielding the system; and
  – Processes for initiating, developing, maintaining and adapting the system.
• Use cases: Providing guidance on how reference architecture elements are used to share and safeguard information using file sharing, text/instant messaging, Web Services and structured messaging (e.g., NIEM).
Summary: Policy-Driven Data-Centric ISS Services
Source Requirement
• Legislation/International Agreement
• Government Policy
• Regulation
• Agency Policy
• Operating Procedures
• Service Level Agreements
[Diagram labels: Change Recommendations; Executable Policy; Access Control; Data & Information Packaging; Policy Life-Cycle; Platform, Dissemination, Network & Communications (out of scope)]
IEF Reference Architecture RFP
• Submitted to MARS PTF for first review December 2013
• Comments Integrated and resubmitted February 24th 2014 for Architecture Review and Issuance (March 2014 TC meeting)
Questions and Answers
Mike Abramson, President, Advanced Systems Management Group (ASMG) Ltd.
Co-Chair C4I DTF
Chair IEF WG
265 Carling Ave, Suite 630, Ottawa, Ontario, K1S2E1
Fax: 613-231-2556
Phone: 613-567-7097 x222
Email: [email protected]
Information Exchange Framework, September 2013