Copyright Advanced Systems Management Group Ltd. 1999-2013
INFORMATION EXCHANGE FRAMEWORK (IEF)
REFERENCE ARCHITECTURE SPE...
Copyright Advanced Systems Management Group Ltd. 1999-2013
IEF Objectives
Reference Architecture and standards for
Policy-...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Target Audience
Communities that respond to dynamic changes in ...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Improving Information Quality
Deliver quality Information to de...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Scope of Support Infrastructure & Policy Life-cycle
Systematic ...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Architecture and Design Principles
• Policy Driven: Define prac...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Architecture and Design Principles
• Related Standards: Define ...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Focus of the IEF RA
• High level Requirements for Policy-
drive...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Service Overlay
– Decision and Enforcement points for:
• File E...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Challenge being A
• Content Challenge
• Policy Challenge
• Gove...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Information about information
Missing in many environments
User...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Policy Life-cycle & Rules Traceability
• Implementation agnosti...
Copyright Advanced Systems Management Group Ltd. 1999-2013
IEF Information Handling
(Assembly and Processing)
• Assembly
–...
Copyright Advanced Systems Management Group Ltd. 1999-2013
IncreasingSensitivity
Selective Information Sharing
Assembly
- ...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Addressing Information Requirements
ObjectItem
Organization
Per...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Information Packaging Service(s)
• Service or set of services t...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Scope of the IEF
• Specify Policy Vocabularies that enable the ...
Copyright Advanced Systems Management Group Ltd. 1999-2013
IEF Reference Architecture
The Submissions shall include:
• Ref...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Summary
Policy-Driven Data-Centric ISS Services
Source Requirem...
Copyright Advanced Systems Management Group Ltd. 1999-2013
IEF Reference Architecture RFP
• Submitted to MARS PTF for firs...
Copyright Advanced Systems Management Group Ltd. 1999-2013
Questions and Answers
Mike Abramson,
President Advanced Systems...
Upcoming SlideShare
Loading in …5
×

201403xx ief reference architecture (gtf)

402 views

Published on

Information Exchange Framework - for Responsible Information sharing

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
402
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

201403xx ief reference architecture (gtf)

  1. 1. Copyright Advanced Systems Management Group Ltd. 1999-2013 INFORMATION EXCHANGE FRAMEWORK (IEF) REFERENCE ARCHITECTURE SPECIFICATION March 2014 Presented by: Mike Abramson President, Advanced Systems Management Group (ASMG) Ltd. Co-chair OMG C4I Domain Task Force Chair Information Exchange Framework (IEF)
  2. 2. Copyright Advanced Systems Management Group Ltd. 1999-2013 IEF Objectives Reference Architecture and standards for Policy-Driven Data-Centric information sharing and safeguarding (ISS)solutions that enable: • Responsible Information Sharing • Dynamic Interoperability • Information Quality • Defense in Depth • Policy-Driven Data-Centric Capabilities • Rapid Development and Deployment • Standards Alignment • Support Ecosystem Partner 1 Partner 2 Partner N
  3. 3. Copyright Advanced Systems Management Group Ltd. 1999-2013 Target Audience Communities that respond to dynamic changes in their operational environment: • Emergency management; • Public Safety; • Intelligence; • Border Security; • National Security; • Crisis Response; and • Military. Note: Although the specification of IEF the reference architecture is focused on the named domains, the resulting specification will have the potential to address the concerns of a broader set of communities that need to balance the sharing of sensitive information (private, confidential, classified and legally significant); e.g.: financial services, healthcare, government services and business (e.g., countering industrial espionage).
  4. 4. Copyright Advanced Systems Management Group Ltd. 1999-2013 Improving Information Quality Deliver quality Information to decision makers: 1) Actionable 2) Accessible 3) Timely 4) Current 5) Accurate 6) Authoritative 7) Relevant 8) Meaningful 9) Complete 10) Trusted 11) Secure 12) Digestible 13) Usable 14) Concise 15) Assured 16) Auditable
  5. 5. Copyright Advanced Systems Management Group Ltd. 1999-2013 Scope of Support Infrastructure & Policy Life-cycle Systematic strategies, practices, tools that enable: • Translation of Policy Instruments into a machine enforceable form • Automated MDA transforms • Policy testing, validation and certification • Architecture Integration • Modeling, Simulation and Analytics • Management, Dissemination and Administration • Governance – Information Governance – Information Management – Information Assurance – Retention of institutional memory
  6. 6. Copyright Advanced Systems Management Group Ltd. 1999-2013 Architecture and Design Principles • Policy Driven: Define practices and tools that provide traceability from policy instrument to operation • Date Centric: Define Services that enforce policy against the specific values of data-elements during operation • Separation of Concerns: Define practices and tools that Separate the development of Policy from the Services the Enforce them • Policy Automation: Define services that Automate the enforcement of rules derives from policy instruments • Service Overlay: Define services the overlay existing infrastructure • Self-protecting: Define services that protect their on sharing and safeguarding • Modular Architecture: Define services that are self-contained, scalable and reusable; • conform to well defined and open interfaces; provide implementation) transparency; and conform to open standards. • Platform Independent: Define services the promote multiple solutions, products and services
  7. 7. Copyright Advanced Systems Management Group Ltd. 1999-2013 Architecture and Design Principles • Related Standards: Define specifications and standards that reuse existing standards where possible • Governance and Stewardship: Define Practices, tools and services that produce information required by: – Information Governance – Information Management – Information Assurance
  8. 8. Copyright Advanced Systems Management Group Ltd. 1999-2013 Focus of the IEF RA • High level Requirements for Policy- driven Data –centric Services – Identity, Credential and access Management (ICAM) – Access / Release decision and control Information Packaging and Processing – Trusted Auditing • Service Interfaces (as needed) – Information Dissemination Services – Platform/Network Security Services – Platform / Network Services – Communications IEF RA Scope
  9. 9. Copyright Advanced Systems Management Group Ltd. 1999-2013 Service Overlay – Decision and Enforcement points for: • File Exchange • Web Services • Instant Messaging • Email • Structured Messaging – Trusted Logging and Auditing Services – Policy Management Services – Service Administration – Interfaces Specifications to Enabling Services: • Identity Management • Credential Management • Domain Management • Dissemination Services The Reference Architecture seeks to identify concepts, practices, elements for Information Sharing and Safeguarding capability that overlays existing information dissemination infrastructure
  10. 10. Copyright Advanced Systems Management Group Ltd. 1999-2013 Challenge being A • Content Challenge • Policy Challenge • Governance Challenge – Practices – Traceability • Dynamic Real-world Operations – Addressing changes in operational Context
  11. 11. Copyright Advanced Systems Management Group Ltd. 1999-2013 Information about information Missing in many environments User Application Application Semantics Application Interface Specification Exchange Environment Community Exchange and Service Level Agreements Community Interface Specifications Community Exchange Semantics Community Messaging Protocols Community Networking and Community Specifications Data and Information (Semantic) Patterns • Assembly (Aggregation, Transformation, Tagging and Marking, and Redaction) – Structure and data Transformations – Data and Information element tagging Tags (Ownership, Security, Privacy, QoS, …) – Static and Dynamic Filters (Security, Privacy, QoS, …) – Retrieval from User Data Stores • Processing (Parsing, Validation, Transformation and Marshalling) – Message and Data disassembly – Domain and Semantic Validation – Data and Structure Transformation – Entry into User Data Stores Storage Environment Storage Semantic Storage Business Rules Store attributes and domains Meta tags and labels Data and information Relationships GUIDs / DB Keys
  12. 12. Copyright Advanced Systems Management Group Ltd. 1999-2013 Policy Life-cycle & Rules Traceability • Implementation agnostic policy and rules vocabularies • MDA transforms to serial rules – Policy Languages (e.g., XACML, SAML) – ETL Scripts – Middleware Script and Configuration • Systematic process for translating policy instruments into machine readable and enforceable rules • Use of modeling and simulation and analytics to test, validate and certify policy transformations • Architecture data available for: – Modeling and Simulation (M&S) – Governance and oversight (business analytics and decision support) – Assurance and certification (analytics) – Post missions analysis (M&S, analytics, decision support) • Policy Management and Administration – Dissemination to decision and enforcement points – Central, distributed or Local administration • Retention of institutional memory
  13. 13. Copyright Advanced Systems Management Group Ltd. 1999-2013 IEF Information Handling (Assembly and Processing) • Assembly – Aggregating releasable information elements from source data – Transforming Source Data to NIEM Taxonomy – Tagging aggregated Information Elements • Processing – Parsing, – Validating, – Transforming and – Marshaling Data Elements • Data-centric Safeguards for data and information elements – Automated tagging within the information Structure – Redaction of data and Information elements, – Encrypting Information Elements – Channel Routing
  14. 14. Copyright Advanced Systems Management Group Ltd. 1999-2013 IncreasingSensitivity Selective Information Sharing Assembly - Aggregation - Tagging - Filtering/Redaction - Transformation - Vocabulary - Structure Processing - Parsing - Validation - Transformation - Vocabulary - Structure - Marshall / Integrate Using Standards Exchange Semantics (e.g., NIEM) and a Adaptive Filtering to Enabling Recipient Selective Sharing of Information Policy Automation for Semantic Assembly and Adaptive Filtering Formatted NIEM Message
  15. 15. Copyright Advanced Systems Management Group Ltd. 1999-2013 Addressing Information Requirements ObjectItem Organization PersonéRole Location NIEM CORE & Selected Domains Personnel SA IEPD/XSD
  16. 16. Copyright Advanced Systems Management Group Ltd. 1999-2013 Information Packaging Service(s) • Service or set of services that automate information packaging policy developed using the IEPPV – Contract factory (formats and releases messages) – Information Factory (packages data) – Interfaces • Rules Import • Management • Configuration File • Externals Service • Application • Logging • Session(s) to Dissemination Services – IEF Service & Factory Controller – Policy/Rules Store • Information Exchange Specification – Information Specification • SemanticElement • TransactionalElement – Assembly – Transformation – Redaction/Filtering • WrapperElement – Distribution Specification
  17. 17. Copyright Advanced Systems Management Group Ltd. 1999-2013 Scope of the IEF • Specify Policy Vocabularies that enable the translation of policy instruments to machine readable and executable rules • Specify decision and enforcement points that gate access to or release of information based on active enforcement of security/privacy policy • Specify supporting services: – Packaging and processing – Policy Management – The logging and auditing – Encryption – Secure Storage of data/information elements (Secure Container) – Secure distribution/dissemination • Enable information sharing and safeguarding across a wide range of domain specific information domains and user defined policy models • NEW: RFP for an IEF Reference Architecture (IEF RA)
  18. 18. Copyright Advanced Systems Management Group Ltd. 1999-2013 IEF Reference Architecture The Submissions shall include: • Reference Architecture: defining the abstract architectural elements comprising the a Policy Driven Data-Centric information sharing and safeguarding solution • Reference Model [PIM]: illustrating an abstract framework for understanding significant relationships among the entities comprising IEF solutions. • Platform Specific Model(s): Providing one or more platform specific models, aligning the reference architecture elements to specific standards, protocols, tools and technologies. • Operating Concept: Describing the operating characteristics for the IEF: – Statement of the goals and objectives; – Operational conditions/contexts affecting the system; – Organizations, activities, processes and interactions among participants using the system; – Specific operational concept and processes for fielding the system; and – Processes for initiating, developing, maintaining and adapting the system. • Use cases: Providing guidance reference architecture elements are used to share and safeguard information using file sharing, text/instant messaging, Web Service and structure messaging (e.g., NIEM).
  19. 19. Copyright Advanced Systems Management Group Ltd. 1999-2013 Summary Policy-Driven Data-Centric ISS Services Source Requirement Legislation/International Agreement Government Policy Regulation Agency Policy Operating Procedures Service Level Agreements ChangeRecommendations 1 1 2 2 Executable Policy
  20. 20. Copyright Advanced Systems Management Group Ltd. 1999-2013 IEF Reference Architecture RFP • Submitted to MARS PTF for first review December 2013 • Comments Integrated and resubmitted February 24th 2014 for Architecture Review and Issuance (March 2014 TC meeting) 27
  21. 21. Copyright Advanced Systems Management Group Ltd. 1999-2013 Questions and Answers Mike Abramson, President Advanced Systems Management Group (ASMG) Ltd. Co-Chair C4I DTF Chair IEF WG 265 Carling Ave, Suite 630, Ottawa, Ontario, K1S2E1 Fax: 613-231-2556 Phone: 613-567-7097 x222 Email: abramson@asmg-ltd.com Information Exchange Framework September 2013

×