201403xx ief reference architecture (gtf)
1. Copyright Advanced Systems Management Group Ltd. 1999-2013
INFORMATION EXCHANGE FRAMEWORK (IEF)
REFERENCE ARCHITECTURE SPECIFICATION
March 2014
Presented by: Mike Abramson
President, Advanced Systems Management Group (ASMG) Ltd.
Co-chair OMG C4I Domain Task Force
Chair Information Exchange Framework (IEF)
2. IEF Objectives
Reference Architecture and standards for Policy-Driven Data-Centric information sharing and safeguarding (ISS) solutions that enable:
• Responsible Information Sharing
• Dynamic Interoperability
• Information Quality
• Defense in Depth
• Policy-Driven Data-Centric Capabilities
• Rapid Development and Deployment
• Standards Alignment
• Support Ecosystem
3. Target Audience
Communities that respond to dynamic changes in their
operational environment:
• Emergency management;
• Public Safety;
• Intelligence;
• Border Security;
• National Security;
• Crisis Response; and
• Military.
Note: Although the specification of the IEF reference architecture is focused on the named domains, the resulting
specification will have the potential to address the concerns of a broader set of communities that need to balance the
sharing of sensitive information (private, confidential, classified and legally significant); e.g.: financial services,
healthcare, government services and business (e.g., countering industrial espionage).
4. Improving Information Quality
Deliver quality Information to decision makers:
1) Actionable
2) Accessible
3) Timely
4) Current
5) Accurate
6) Authoritative
7) Relevant
8) Meaningful
9) Complete
10) Trusted
11) Secure
12) Digestible
13) Usable
14) Concise
15) Assured
16) Auditable
5. Scope of Support Infrastructure & Policy Life-cycle
Systematic strategies, practices and tools that enable:
• Translation of Policy Instruments into a machine enforceable form
• Automated MDA transforms
• Policy testing, validation and certification
• Architecture Integration
• Modeling, Simulation and Analytics
• Management, Dissemination and Administration
• Governance
– Information Governance
– Information Management
– Information Assurance
– Retention of institutional memory
6. Architecture and Design Principles
• Policy Driven: Define practices and tools that provide traceability from policy instrument to operation
• Data Centric: Define services that enforce policy against the specific values of data-elements during operation
• Separation of Concerns: Define practices and tools that separate the development of policy from the services that enforce them
• Policy Automation: Define services that automate the enforcement of rules derived from policy instruments
• Service Overlay: Define services that overlay existing infrastructure
• Self-protecting: Define services that protect their own sharing and safeguarding
• Modular Architecture: Define services that are self-contained, scalable and reusable; conform to well-defined and open interfaces; provide implementation transparency; and conform to open standards
• Platform Independent: Define services that promote multiple solutions, products and services
7. Architecture and Design Principles
• Related Standards: Define specifications and standards that reuse existing
standards where possible
• Governance and Stewardship: Define Practices, tools and services that
produce information required by:
– Information Governance
– Information Management
– Information Assurance
8. Focus of the IEF RA
• High-level Requirements for Policy-driven Data-centric Services
– Identity, Credential and Access Management (ICAM)
– Access / Release decision and control
– Information Packaging and Processing
– Trusted Auditing
• Service Interfaces (as needed)
– Information Dissemination Services
– Platform/Network Security Services
– Platform / Network Services
– Communications
IEF RA Scope
9. Service Overlay
– Decision and Enforcement points for:
• File Exchange
• Web Services
• Instant Messaging
• Email
• Structured Messaging
– Trusted Logging and Auditing Services
– Policy Management Services
– Service Administration
– Interface Specifications to Enabling Services:
• Identity Management
• Credential Management
• Domain Management
• Dissemination Services
The Reference Architecture seeks to identify concepts, practices and elements for an Information Sharing and Safeguarding capability that overlays existing information dissemination infrastructure.
10. Challenge being A
• Content Challenge
• Policy Challenge
• Governance Challenge
– Practices
– Traceability
• Dynamic Real-world Operations
– Addressing changes in operational Context
11. Information about information
Missing in many environments
User Application
Application Semantics
Application Interface Specification
Exchange Environment
Community Exchange and Service Level Agreements
Community Interface Specifications
Community Exchange Semantics
Community Messaging Protocols
Community Networking and Community Specifications
Data and Information (Semantic) Patterns
• Assembly (Aggregation, Transformation, Tagging and Marking, and Redaction)
– Structure and data Transformations
– Data and Information element Tags (Ownership, Security, Privacy, QoS, …)
– Static and Dynamic Filters (Security, Privacy, QoS, …)
– Retrieval from User Data Stores
• Processing (Parsing, Validation, Transformation and Marshalling)
– Message and Data disassembly
– Domain and Semantic Validation
– Data and Structure Transformation
– Entry into User Data Stores
Storage Environment
Storage Semantic
Storage Business Rules
Store attributes and domains
Meta tags and labels
Data and information Relationships
GUIDs / DB Keys
12. Policy Life-cycle & Rules Traceability
• Implementation agnostic policy and rules vocabularies
• MDA transforms to serial rules
– Policy Languages (e.g., XACML, SAML)
– ETL Scripts
– Middleware Script and Configuration
• Systematic process for translating policy instruments into machine readable and enforceable rules
• Use of modeling and simulation and analytics to test, validate and certify policy transformations
• Architecture data available for:
– Modeling and Simulation (M&S)
– Governance and oversight (business analytics and decision support)
– Assurance and certification (analytics)
– Post-mission analysis (M&S, analytics, decision support)
• Policy Management and Administration
– Dissemination to decision and enforcement points
– Central, distributed or Local administration
• Retention of institutional memory
13. IEF Information Handling (Assembly and Processing)
• Assembly
– Aggregating releasable information elements from source data
– Transforming Source Data to NIEM Taxonomy
– Tagging aggregated Information Elements
• Processing
– Parsing,
– Validating,
– Transforming and
– Marshaling Data Elements
• Data-centric Safeguards for data and information elements
– Automated tagging within the information Structure
– Redaction of data and Information elements,
– Encrypting Information Elements
– Channel Routing
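The assembly and data-centric safeguard steps listed on this slide, as an added Python sketch that is not part of the presentation or of any IEF specification. The element names, tag values, recipients and policy table are all constructed for illustration; the policy is held as data, separate from the code that enforces it.

```python
# Added illustration: all names, tags and sample values are constructed.
from dataclasses import dataclass

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}

@dataclass(frozen=True)
class Element:
    name: str
    value: str
    sensitivity: str          # security tag attached at assembly time
    privacy: bool = False     # privacy tag (personal information)

# Policy is data, kept apart from the enforcement code below.
POLICY = {
    "partner_a": {"max_level": "SECRET", "privacy_ok": True},
    "partner_b": {"max_level": "CONFIDENTIAL", "privacy_ok": False},
}

def decide(element, recipient):
    """Release decision for one element; unknown recipient or tag denies."""
    rule = POLICY.get(recipient)
    if rule is None:
        return False, "no policy for recipient"
    level = LEVELS.get(element.sensitivity)
    if level is None:
        return False, "unknown sensitivity tag"
    if level > LEVELS[rule["max_level"]]:
        return False, "sensitivity above recipient ceiling"
    if element.privacy and not rule["privacy_ok"]:
        return False, "privacy-tagged element not releasable"
    return True, "released"

def assemble(elements, recipient):
    """Build the recipient's message, redacting denied elements and
    returning an audit record for every decision, released or not."""
    message, audit = {}, []
    for el in elements:
        ok, reason = decide(el, recipient)
        if ok:
            message[el.name] = {"value": el.value, "tag": el.sensitivity}
        audit.append((recipient, el.name, "RELEASE" if ok else "REDACT", reason))
    return message, audit

# Constructed sample source data.
SOURCE = [
    Element("incident_location", "Sector 7", "UNCLASSIFIED"),
    Element("responder_name", "J. Doe", "UNCLASSIFIED", privacy=True),
    Element("sensor_feed_id", "feed-0042", "SECRET"),
]
```

Calling `assemble(SOURCE, "partner_b")` yields a message holding only `incident_location`, while the audit trail still records all three decisions with the reason for each redaction.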
14. Selective Information Sharing
Increasing Sensitivity
Assembly
- Aggregation
- Tagging
- Filtering/Redaction
- Transformation
- Vocabulary
- Structure
Processing
- Parsing
- Validation
- Transformation
- Vocabulary
- Structure
- Marshall / Integrate
Using Standard Exchange Semantics (e.g., NIEM) and Adaptive Filtering to Enable Recipient-Selective Sharing of Information
Policy Automation for Semantic Assembly and Adaptive Filtering
Formatted NIEM Message
15. Addressing Information Requirements
ObjectItem
Organization
Person Role Location
NIEM CORE &
Selected Domains
Personnel SA
IEPD/XSD
16. Information Packaging Service(s)
• Service or set of services that automate information packaging policy developed using the IEPPV
– Contract factory (formats and releases messages)
– Information Factory (packages data)
– Interfaces
• Rules Import
• Management
• Configuration File
• Externals Service
• Application
• Logging
• Session(s) to Dissemination Services
– IEF Service & Factory Controller
– Policy/Rules Store
• Information Exchange Specification
– Information Specification
• SemanticElement
• TransactionalElement
– Assembly
– Transformation
– Redaction/Filtering
• WrapperElement
– Distribution Specification
17. Scope of the IEF
• Specify Policy Vocabularies that enable the translation of policy instruments to
machine readable and executable rules
• Specify decision and enforcement points that gate access to or release of
information based on active enforcement of security/privacy policy
• Specify supporting services:
– Packaging and processing
– Policy Management
– Logging and auditing
– Encryption
– Secure Storage of data/information elements (Secure Container)
– Secure distribution/dissemination
• Enable information sharing and safeguarding across a wide range of domain specific information domains and user defined policy models
• NEW: RFP for an IEF Reference Architecture (IEF RA)
18. IEF Reference Architecture
The Submissions shall include:
• Reference Architecture: defining the abstract architectural elements comprising a
Policy-Driven Data-Centric information sharing and safeguarding solution
• Reference Model [PIM]: illustrating an abstract framework for understanding
significant relationships among the entities comprising IEF solutions.
• Platform Specific Model(s): Providing one or more platform specific models, aligning
the reference architecture elements to specific standards, protocols, tools and
technologies.
• Operating Concept: Describing the operating characteristics for the IEF:
– Statement of the goals and objectives;
– Operational conditions/contexts affecting the system;
– Organizations, activities, processes and interactions among participants using the system;
– Specific operational concept and processes for fielding the system; and
– Processes for initiating, developing, maintaining and adapting the system.
• Use cases: Providing guidance on how reference architecture elements are used to share and
safeguard information using file sharing, text/instant messaging, Web Services and
structured messaging (e.g., NIEM).
19. Summary
Policy-Driven Data-Centric ISS Services
Source Requirement
Legislation/International Agreement
Government Policy
Regulation
Agency Policy
Operating Procedures
Service Level Agreements
Change Recommendations
Executable Policy
20. IEF Reference Architecture RFP
• Submitted to MARS PTF for first review December 2013
• Comments integrated and resubmitted February 24th 2014 for Architecture Review and Issuance (March 2014 TC meeting)
21. Questions and Answers
Mike Abramson,
President Advanced Systems Management Group (ASMG) Ltd.
Co-Chair C4I DTF
Chair IEF WG
265 Carling Ave, Suite 630, Ottawa, Ontario, K1S2E1
Fax: 613-231-2556
Phone: 613-567-7097 x222
Email: abramson@asmg-ltd.com
Information Exchange Framework
September 2013