A Combat Support AgencyDefense Information Systems Agency
Rising to the Net-Centric Challenge …
Delivering Core Enterprise Services to the DoD and IC Communities
Ms. Teri Hoffman-Boswell Dr. Glen WhiteMITRE Project Lead Chief Engineer
Net-Centric Enterprise Services PMO28 April 2009
A Combat Support Agency
2
The DOD Vision Net-Centric Data Strategy (9 May 2003)
Enable Data to Be Trusted
Make Data Interoperable
Be Responsive toUser Needs
Make Data Accessible
Make Data Understandable
Make Data Visible
Is an information resource discoverable by end-users?
Is it connected to the network(s), and are tools readily available to use and allow assured access to it?
Can it be used intelligibly? Are the semantics well documented?
Can it be easily combined or compared with other information and/or mediated?
Is the authority (pedigree, security level, and access control level) known and available?
Are users involved in COIs? Are robust, direct user feedback mechanisms in place to guide development?
A Combat Support Agency
3
Evolution to Integrated ServicesG
CC
S-A
F
Individual Automated Systems Blue Force
Ground
Standards-Based Enterprise Services
Standards & Specifications
Ope
rato
r Int
erfa
ce
Service Discovery
Metadata Discovery
People DiscoveryESM
M2M Messaging Mediation
Service Security
Association Mgmt
Red Track Data METOC
Standards-Based Capability Modules
Collab
Content Delivery
Content Discovery
User Access
Producer Centric User Centric
GC
CS
-A
GC
CS
-MC
GC
CS
-M
- Islands of Automation- Custom-built- One to One
- Slow Adaptation to Operational Changes
- Tightly Coupled Integration
- Interoperability With External Domains- Many to Many
- Highly Responsive to Operational Changes - Loosely Coupled- Maximized Use of COTS
A Combat Support Agency
4
What is NCES?
Enterprise Service
ManagementMessaging Service
SecurityMediation Content
Delivery
Content Discovery
Metadata Discovery
MetadataRegistry
Collaboration Service Discovery
People Discovery
User Access
Set of loosely coupled, common net-centric services on SIPRNet and NIPRNet that facilitate information sharing and interoperability within and across the Warfighter, Business, and Intelligence Mission Areas
A Combat Support Agency
5
Adopt
Buy
Create
USA DISA NSA/DISA
DNI USAF/DISA
DISA
IBM & Carahsoft Current – NCES Spiral 2
DISA (Enterprise File Delivery)
5
Adopt existing programs and procure commercial services for accelerated operational capability
MSP:
MSP:
5
Key Acquisition Strategy
A Combat Support Agency
6
Authority and Milestones
Warfighter Advocate: – USSTRATCOM Apr 07
Approved AoA: Apr 04 Lead Component:
– DISA Milestone A: Jul 04 Lead OTA: JITC DAA: DISA CIO Approved CDD: May 06 Milestone B: Mar 07 Approved CPD: Mar 08 Milestone C Jun 08 IOT&E Aug to
Nov 08– FDDR May 09– IOC Jun 09
NCES Program Overview Program Objectives
Mission Benefits - Increases force effectiveness via improved information delivery - Facilitates adaptive decision making via information sharing and collaboration - Improves access to information and interoperability of systems - Facilitates service reuse and increases speed of delivery
- Rapid and dynamic information sharing and collaboration - Improve delivery of information - Enable net-centric capabilities - Support multiple Mission Areas - Timely and secure access to information
6
A Combat Support Agency
7
Implementation Policy• JROCM 010-08 dated 14 Jan 2008 (incorporated into CJCSI
6212.01E dated 15 Dec 2008)– Include data and service exposure criteria in the Interoperability and
Supportability Certification Process• For all new start programs submitted after 1 Jan 2008
– The data worksheets refer to NCES Metadata Registry, Content Discovery, and Service Discovery
• DCIO memorandum “DoD Enterprise Services Designation—Collaboration, Content Discovery, and Content Delivery” dated 2 Feb 2009– Components are to deliver an implementation plan for use of NCES
Collaboration, Content Discovery, and the GIG Content Delivery Service
7
NCES capabilities enable the Department to realize the Net-Centric Vision
A Combat Support Agency
8
Enterprise Services Engineering Review Board (ES ERB)
Enterprise Services Forums NCES Supports
Collaboration Interoperability Working Group
Attribute and Authorization Tiger Team
Enterprise Service Management
Working Group
Joint DoD/IC Service Registry & Governance
Working Group Joint DoD/IC
Metadata Working Group
Joint DoD/IC Service Security Working Group
Multi Services SOA Consortium
Joint DoD/IC Mediation Working
Group
Content Discovery and Retrieval IPT
Indirect relationship with ES ERBDirect relationship with ES ERB Note: Revised enterprise service governance policy is
currently in coordination.
NCES Implementation Working Group
NCES Engineering
Review Board
A Combat Support Agency
9
Collaboration Services
Enable users to exchange information textually or via any combination of text, audio, video, and graphics
• Service Provider: IBM• Tools: Lotus Sametime
• First Available: Mar ‘07• Fielding Decision: May ‘09
• Service Provider: Carahsoft• Tools: Adobe Connect /
Jabber MomentIM• First Available: Apr ‘08• Fielding Decision: May ‘09
Collaboration
A Combat Support Agency
10
CentralizedSearch
(Intelink Google)MDR
NGA
… others
FederatedData Sources
EUCOM
JFCOMJEDS
Enterprise CatalogCommon search service between NCES and Intelink
Services accessible via the respective search interface
IntelinkDirectory
RecentIntel
Multimedia
Content Discovery Services
Enterprise Search is actively usedDiscoverable Artifacts:
12.6 M NIPRNet – 34.7 M SIPRNetAvg Queries /Day:
744 NIPRNet – 40,008 SIPRNet
• Enterprise Search– Enables producers to expose
content to the GIG for discovery by unanticipated consumers
– Tools: Inxight, Google, Federated Search
• Enterprise Catalog• Capability for producers to
publish discovery metadata about data products in a central repository
• Tools: Lucene, MySQL
Content Discovery
– Service Provider: Intelligence Community Enterprise Solutions (ICES)– First Available: Sep ‘07– Fielding Decision: May ‘09
A Combat Support Agency
11
Content Delivery Services
Distribute Critical Web Content from the Edge
AF Portal
NKO
CJTF-82
End-UsersContent Owner’s Web Infrastructure Server
Content delivered by closest edge region for improved End User experience
GCDS overlays the DISN,placing content
and application processes closer to end-users
The GCDS Solution:Distributes Critical Web Content from the Edge
Comparer
Inventory
HTTPS Transport
GBS Transport
HTTPS
EFD Content Supplier
Admin/Content Supplier
Mgr
GBS
Operating System (Windows/RHEL/Solaris)
DB
Web Interface
Admin/Content
Consumer Mgr
SBMRBM
FTPS FTPS
Consumer End-user
NFS/CIFS NFS/CIFS
Web Browser
Web Browser
Comparer
Inventory
HTTPS Transport
FTPS Server
EFD Content Consumer
Operating System (Windows/RHEL/Solaris)
DB
Web Interface
SupplierEnd-user
LegendCIFS: Common Internet File System (Windows)FTPS: File Transfer Protocol over SSLGBS: Global Broadcast ServiceHTTPS: Hyper-Text Transfer Protocol over SSLNFS: Network File System (UNIX)RBM: GBS Receive Broadcast ManagerRHEL: Red Hat Enterprise LinuxSBM: GBS Satellite Broadcast ManagerSSL: Secure Sockets Layer
The EFD Solution:Lightweight means to deliver files through replication and synchronization
EFD used in > 300 SIPRNet sites
NIPRNET SIPRNET NIPRNET / SIPRNET PENDING INSTALLATION
GCDS provides a globally distributed platform400 Servers11 Countries31 Locations
21 OCONUS, 10 CONUS
SharePoint Portals
Intel Applications
Service Portals, Mission
Applications & First Responders
eLearning Applications
Other Web Applications
• GIG Content Delivery Service (GCDS) – Accelerates delivery of web-based content– Service Provider: DISA Computing Services Division– Tool: Akamai– First Available: Apr ’08– Fielding Decision: May ’09
• Enterprise File Delivery (EFD) – Provides the capability to synchronize or replicate large
files or directories of files between geographically separated networks or enclaves
– Service Provider: DISA/NCES– Tool: GOTS product– First Available: Apr ’08– Fielding Decision: May ’09
11
Content Delivery
A Combat Support Agency
12Hot Topics
Supports Targeted Announcements
Toolbox
Notifications & File Subscriptions
Self-Service Email, IM, Discuss, People, Forms, FilesMy Favorites
12
DKO is actively usedUser Accts:
2.2 M NIPRNet – 110 K SIPRNetUnique Logins/Wk:
828,048 NIPRNet – 16,045 SIPRNet
Account Type Jul 08 Apr 09
Air Force 1,822 3,327Army N/A 101,172Coast Guard 24 45DoD Civilian 1,655 2,507Marine Corps 442 903Navy 1,192 2,343Grand Total 6,045 110,297
Registered Users on SIPRNetAccount
Type Jul 08 Apr 09
Air Force 30,466 40,109Army N/A 1,766,901Coast Guard 633 1,474DoD Civilian 22,998 313,882Marine Corps 6,856 13,167Navy 20,385 32,346Grand Total 89,812 2,167,879
Registered Users on NIPRNetDefense Knowledge Online (DKO)
– A single point of access to DoD Enterprise Services
– Service Provider: Army Knowledge Online (AKO)
– First Available: Sep ’07– Fielding Decision: May ’09
DKO NCES User Access
AKO
User Access
User Access
A Combat Support Agency
13
DIB Database
Policy DecisionPoint (PDP)
2: Search sent to Aggregator
3: Request w/ SAMLassertion sent to DDP
4. Validate aggregator's certificate
5: Is user allowed to use service?
6. Get user’s attributes
7, 11: Permit/Deny
8: If use permitted, do MDF search
9: Can user see content?
PEP Query
ServiceRetrievalService
10. Get user’s attributes*
DIB Data Provider
AttributeService
Federated Search
Aggregator
1: Validate usercertificate
DIB Metadata Framework
(MDF)
RobustCertificationValidationService
Serv
ice
Secu
rity
Con
tent
Dis
cove
ry
PKI
JEDS
Supporting Unanticipated Users:
A Distributed Common Ground System(DCGS) Application
JEDS – Joint Enterprise Directory Service; PEP – Policy Enforcement Point; DIB – DCGS Information Backbone
Service Security
Ability to operate in a secure environment• Attribute Service
– Authorization or Access Control using the identity of the consumer against policy and attributes to determine privileges
– Service Provider: DISA Joint Enterprise Directory Service (JEDS)
– First Available: Sep ’07– Fielding Decision: Aug ’09
• Robust Certificate Validation Service– Authentication using Common Access Card (CAC) (NIPRNet)
and softcerts (SIPRNet)– Service Provider: DISA DoD-Public Key Infrastructure program– Fielding Decision: Aug ’09
Service Security
A Combat Support Agency
14
People Discovery is actively usedVisits per Month: 8,274 NIPRNetDiscoverable Entries: 4M NIPRNet
Service Provider: DISA Joint Enterprise Directory Service (JEDS)First Available: Sep ’07Fielding Decision: Aug ’09
Purpose: Provides an authoritative source for the discovery of people,
and attributes about people
People DiscoveryPeople
Discovery
A Combat Support Agency
15
Metadata Artifacts: 239,495 NIPRNetTotal Users Registered: 10,765 NIPRNetDownloads last 7 days: 8,077 NIPRNet
Metadata Registry
Purpose: Enables metadata artifacts to be published,
categorized, and discovered within the DoD Metadata Registry (MDR)
DoD Metadata Registry and Clearinghouse
Single Source for the Discovery and
Storage of All DoD Metadata
DeveloperDeveloper
Web Service Interface
Application
Access Metadata at
runtime
Publish and Discover Metadata
at designtime
DKO / SSO
ServiceMDR Leverages DKO/SSO for
CAC Login
DoD Metadata Registry and Clearinghouse
Single Source for the Discovery and
Storage of All DoD Metadata
DeveloperDeveloper
Web Service Interface
Application
Access Metadata at
runtime
Publish and Discover Metadata
at designtime
DKO / SSO
ServiceMDR Leverages DKO/SSO for
CAC LoginService Provider: DISA/NCES
First Available: Feb ‘07Fielding Decision: May ’09
15
A Combat Support Agency
16
• The single user interface for service publishing and service metadata management
• Supports all service registration requirements
• Provides appropriate Service governance and user authorization
• Integrated with– Metadata Registry– Service (UDDI) Registry– Enterprise Catalog
Business Entities: 78 NIPRNet, 77 SIPRNetRegistered Services: 205 NIPRNet, 257 SIPRNet
Service Provider: DISA/NCES
First Available: Feb ‘07Fielding Decision: Aug’09
Purpose: Enables Web services and service specifications to be published, categorized, and discovered within the
NCES enterprise service registry
ServiceConsumer
ServiceProvider
Step 1Post / Publish
Step 2Find/Discover
Step 3 Consume / Invoke
Service Discovery
Ability to discover, develop & reuse
services
Service Discovery
16
Service Discovery
A Combat Support Agency
17
Examine Current Inventoryvia Net-Centric Publisher (NCP)
• Service Registry– Search for: suitable service endpoints
• Examine: WSDL, XSD, Amplifying Document, Service Provider• MDR
– Search for: suitable service descriptions • Examine: WSDL, XSD, Amplifying Document
– Search for: reusable request/response structures & semantics• Examine: XSD, schematron, XSLT, taxonomy
– Search for: COI, domain, or mission area collaborators• Examine: COI Directory
• Content Discovery: Enterprise Catalog– Search for: existing (non-web service) capabilities
• Examine: portals, data source descriptions
17
A Combat Support Agency
18
MessagingMessaging
1. User publishes message
2. Message is routed through the Enterprise
3. Message delivered to remote endpoints
4b. Message delivered to users
4a. Message is stored
Interfaces:
Application
Service Provider: DISA/NCES
First Available: Feb ‘07Fielding Decision: Mar’10
Purpose: Provides a high-speed message bus that enables
organizations to reliably and seamlessly exchange information
publisher subscriber
NCES Messaging
Maritime Domain Awareness (MDA) COI Pilot Usage:
Msgs/Day Published to channels: 78,845Msgs/Day from channels to subscribers: 496,050
A Combat Support Agency
19
Service Provider: DISA/NCES
First Available: Sep ’07Fielding Decision: Mar’10
Purpose: Collects and displays information related to a service’s
planned and actual status, health, and performance
consumer provider
GISMC
JTF/GNO
Enterprise Service
Management
Enterprise Service Management (ESM)
Enterprise Service
Management
Services Monitored: 53Operations Monitored: 177
A Combat Support Agency
20
Purpose: Provides mission-to-mission data transformation,
protocol adaptation, and service orchestration capabilities
MediationPA
DTOR
Mission Applications
- PA Protocol Adaptation- DT Data Transformation- OR Service Orchestration
Service Provider: DISA/NCES
First Available: N/AFielding Decision: Mar ’10
MediationMediation
A Combat Support Agency
21As of 31 March 2009
Status: NCES Is ReadyDemonstrated Capability & Usage
Messaging
Maritime Domain Awareness (MDA) COI Pilot:
# Pub/Sub Channels: 30 Msgs/Day delivered to channels:
78,845Msgs/Day from channels to subscribers):
496,050
–
Mediation
MDA COI Pilot (Google Map) SPAWAR SIL Schema Transform
User Access
Enterprise Service Management
Spiral 2, NIPR & SIPRServices Monitored: 26 UE – 22 CE
Collaboration
E-Collab Center (Button 1)Total Users: 42,382 UE – 14,322 CE
Largest Session: 420 users Total Mtgs / Month: 3,478 UE – 459 CE
Defense Connect Online (Button 2)Total Users: 92,742 UE – 38,778 CE
Largest Session: 1,324 users Total Mtgs Session: 20,393 UE – 7,226 CE
Content Discovery
Discoverable Artifacts: 12.6 M UE – 34.7 M CE
Avg Queries /Day: 744 UE – 40,008 CE
Metadata Discovery
Metadata Artifacts: 239,495 UE –239,513 CETotal Users Registered: 10,765 UE – 339 CEDownloads last 7 days: 8,077 UE – 36 CE
Service Discovery Service Security
Metadata
Registry
Protecting NCES, MDA COI, DCGS JEFX Systems, MIT LL's ESSA
Visits per Month: 8,274 UETotal Entries: 4M UE
People Discovery
Business Entities: 30 UE – 26 CERegistered Services: 163 UE – 90 CE
Content DeliveryEDGE Nodes: 22 UE, 11 CE Content Owners: 14 UE (22 URLs) – 11 CE (21 URLs) Customers:
UE: GCSS-AF, AKO, NKO, USCENTCOM, USJFCOM, BTA(JCCS), DISA (GDS), MDA
CE: DNI, USCENTCOM, NGA, AF (Weather), Marines (Portal), DISA (EMF), Army (TEC)
DKO Accts: 2,160,942 UE – 108,871 CE DKO (Non-Army): 113,470 UE – 8,773CEDKO Unique Logins/Week:
828,048 UE – 16,045CE
UE: Unclassified EnvironmentCE: Classified Environment
A Combat Support Agency
22
Major Users of NCES Services
Enterprise Service
ManagementMessaging Service
SecurityMediation Content
Delivery
Metadata Discovery
MetadataRegistry
Content Discovery
Collaboration Service Discovery
People Discovery
User Access
• AFRICOM• CENTCOM• EUCOM, JFCOM• NORTHCOM• PACOM• STRATCOM• USA, USAF• USN, USMC • Joint Staff
• DCGS FOS• Joint Staff• AFRICOM• CENTCOM• EUCOM,• JFCOM• PACOM• NGA• USFK
• MDA COI• ESSA
• GISMC • MDA DS COI• ESSA• DCGS-A• DCGS-N • Army SOA
• BTA• JFCOM• PACOM• NORTHCOM• DISA• OSD• DIA• DLA• DFAS• DTRA
• NECC• Joint Staff• Army SOA• GCCS-J• TBMCS• NGA• BTA• DTIC• USN JFCOM
• GCSS FOS• NGA• BTA• NATO• MDA DS COI• Strike COI• C2 SSA COI• AFGFMDI• USN
• AKO Forward• NGA• MOL• MARCENT• I/II MEF• AFWA• GCSS-AF
• GIG Users
A Combat Support Agency
23
NCES FDDR and Fielding Decisions
Content Delivery
People Discovery
Metadata Discovery
MetadataRegistry
E-CollabCenter
Defense Connect Online
Content Discovery
User Access
Full Deployment Decision Review (May 2009)
Service Security
Service Discovery
Fielding Decision (August 2009)
Enterprise Service
ManagementMessagingMediation
Fielding Decision (March 2010)Service Security
OE/OS assessment
OE/OS data gathering
A Combat Support Agency
24
FY08 NCES Usage
Automated updates of Intelligence Products available for search :SIPR 28,600,000 products Search Requests Supported :SIPR 17,084,016 requests
Supports NGA’s Goal of “Universal Situational Awareness” (GEOINT Pub 1, June 2004)
“(U) This (Content Discovery) cuts in half the time it takes me to check sites – and the fact that you have so rich a cross section of information will save me even more time as I gather key intel for senior Joint Staff leaders each day. Incredibly useful! Your site is the first in my line-up! “ – Joint Staff, J2 Special Actions Division
Faster, relevant information improves Shared Situational Awareness
= Self-Synchronizing Forces
Content Discovery Value Added
A Combat Support Agency
25
The Maritime Domain Awareness (MDA) Challenge
25
A Combat Support Agency
26
The Future of NCES
• Growing the Customer Base• Rapid expansion of functionality and new services• Leverage Open Source, plug and play where possible• Deliver capabilities faster• Provide robust operational metrics and user feedback
processes to quickly identify and act on shortfalls• Extend the enterprise mindset across the Department• Marketing NCES to improve awareness• Deliver Training to users the way they need it
A Combat Support Agency
27
NCES Information• Public Website (http://www.disa.mil/nces)
– Includes brief descriptions of the services & capabilities provided by the NCES program, along with current news and technical resources
• Intellipedia (https://www.intelink.gov/wiki/Main_Page)– Provides additional NCES capability specific information, including access to the
Enterprise Services Catalog, NCES Blog, FAQs, and links to other external information stores
• DKO User Site (https://www.us.army.mil/suite/page/463866)– Provides a single launch point to all NCES services and access to program
information (e.g., calendar/schedule, configuration & requirements management process, service bulletin)
– Requires DKO Account (DoD CAC or Government Sponsorship)• DKO Developer’s Community (https://www.us.army.mil/suite/page/384284)
– Provides information specific to the developer community that enables the discovery of information and tools needed to support integration with NCES
– Requires DKO Account (DoD CAC or Government Sponsorship)• SoftwareForge.mil (
https://software.forge.mil/sf/projects/nces_reference_implementations)– Provides a collaborative environment to development and share open source and
community source software• Reference Implementation document library• Software Development Kit (SDK), which includes software code samples
– Requires DoD CAC or ECA Certificate to obtain access
A Combat Support Agency
28
Questions?
• General Questions and RequestsEmail: [email protected]
• Technical SupportGIG Infrastructure ServicesManagement Center (GISMC)Tel: 614-692-3136
800-447-2457Email: [email protected]