
Enterprise Infrastructure Reference Implementation (EIRI)

Defense Information Systems Agency. A Combat Support Agency. Enterprise Infrastructure Reference Implementation (EIRI). DISA CTO. The Situation and a Better Solution. A Net-Centric Enterprise - Services -. Today’s Pt-to-Pt Quagmire - Interfaces -.

garret

Presentation Transcript


  1. Defense Information Systems Agency: A Combat Support Agency. Enterprise Infrastructure Reference Implementation (EIRI). DISA CTO

  2. The Situation and a Better Solution
     • A Net-Centric Enterprise (Services): Based on technology to dynamically discover new sources of data and services leveraging enterprise services specifications and standards.
     • Today’s Pt-to-Pt Quagmire (Interfaces): Based on socialization – call a buddy and subscribe to an RSS feed.

  3. Industry Example

  4. DoD Example

  5. Objectives
     From Systems to Services, From Programs to Capabilities
     Rapid Development… of Enterprise Mission Services
     • EIRI is a leading-edge effort intended to develop the processes and procedures to rapidly and cost-effectively deliver information sharing capabilities to the Department
     • EIRI will leverage Net-Centric Enterprise Services (NCES) standards and capabilities in exposing data net-centrically
     • EIRI will provide shoulder-to-shoulder assistance to help organizations implement those processes and procedures

  6. Rules for Enterprise Services in C2 JCTDs
     [Diagram labels: Authorization (Enterprise Level and Local Level; Attribute WS-Service, Attribute Store, Policy WS-Service, Policy Store; User Request, PEP, Policy Decision Point; Permit, Deny, Unk, N/A); Message Bus (Publishers, Subscribers, Message Topics, JUM Message Broker); Mediation Service; Data Repository]
     • Stores information in a centralized repository
     • Uses XQuery for access, manipulate and retrieve operations
     • Searches and locates information with pinpoint accuracy
     • Extensive full-text, structured, geospatial, and real-time search features
     • Analyzes to understand and exploit what you have
     • Built in indexes to speed analysis of data
     • Delivers content to users in multiple contexts
     • Send content to multiple devices and users

  7. Data Exchange Design Approaches
     • Web Service (Request/Response)
       • Use when data needed by the consumer is specific and bound by indicated parameters
     • JUM Interface (Publish/Subscribe)
       • Joint User Messaging (JUM)
       • Use when data is frequently updated, relatively small, and relevant to a large number of users
     • SharePoint Reference Implementation
       • Package add-on that allows for communication with JUM
       • Use if you already have SharePoint and now wish to share data
     • Hybrid – some combination of these design approaches

  8. Web Service (Request/Response)

  9. Joint User Messaging (JUM) (Publish/Subscribe)

  10. SharePoint Reference Implementation

  11. Hybrid Design

  12. Use Case
     [Diagram labels: TRANSCOM, IGC, JOPES, ABAC Web Service, ABAC, CDMS, XML Repository]
     1. Point-to-point data exchange from TRANSCOM/IGC to JOPES
     2. Enterprise data exchange / Joint User Messaging (JUM) and ABAC
     3. TRANSCOM to Machine data exchange via JUM pub/sub
     4. TRANSCOM to User data exchange using CDMS (translation) via JUM
     5. TRANSCOM to XML (store for later use)
     6. XML (data repository) to User (forward)
     7. User to ABAC enabled Web Service with a Question (Request)
     8. Web Service back to User (Response)
     9. Dissolve Pt-to-Pt connection between TRANSCOM/IGC and JOPES

  13. EIRI Process
     • Approvals: Finalize requirements; Finalize design approach; Obtain approval; Determine ABAC Policy; Obtain Port Exceptions
     • Preparation: Complete Initial Survey; EIRI 101 Telecon; EIRI 101; ABAC 101; JUM 101; Discuss Design Options
     • S2S Site Visit: JUM and/or Web Svc; ABAC; CDMS, XML, ESM; Milestones/Deliverables; Register Service
     • Production: Operationalize
     • Coordination: Weekly Update Mtgs; Finalize Schema; Develop Interface(s); Implement NCES tools; Test
     Timeline: Day 0 to Day 45. Publish in 45 days - now that’s rapid!

  14. COCOM and Partner Participation
     JFCOM, NORTHCOM, SOUTHCOM, SOCOM, TRANSCOM, Army, NAVY, NII Data Pilots, Joint Staff, EUCOM, AFRICOM, HHS

  15. Response from Our Partners
     • “The knowledge brought to the table and speed of implementation proved invaluable to the Pilot.” -- Josh Taylor, C2 Data Pilot Phase IVB Project Lead
     • “Puts us on the pub/sub ground floor and this is very exciting” -- Brig. Gen. Robert Yates, JFCOM
     • “It isn’t that hard” -- Don Runnels, Asynchrony Solutions, supporting TRANSCOM J6

  16. In Summary
     • EIRI provides shoulder-to-shoulder engineering and a “how to” process to support the rapid exposure of NCES-compliant mission services to the Enterprise
     • NCES compliance, enterprise attributes, and ABAC security provide assurance that information exposed to the Enterprise is visible, interoperable, secure, and accessible by all authorized users
     • Our data can be our competitive advantage against tomorrow’s threats
     "... [The] next great opportunity for us is universal situational awareness. Anything that disrupts the envelope -- we see it and we can act on it, whether it's in the air, on land, or underwater. Our biggest competitive advantage can be our knowledge.” - ADMIRAL MICHAEL MULLEN, CHAIRMAN OF THE JOINT CHIEFS OF STAFF, 2010

  17. EIRI Support Contacts • Carlos Vera, EIRI Technical Lead, 703-882-0425, Carlos.Vera@disa.mil • Cheryl Porter Brown, 858-220-9225, cheryl@porter-brown.net • Wendy Crowell, 816-668-4643 wcrowell@stassociates.com • Blaine Newlon, 703-882-1326, blaine.newlon.ctr@disa.mil

  18. Rules for Enterprise Services in C2 JCTDs
     • Purpose: To comply with DoD Policy and Guidance for the net-centric enterprise
     • Policy: All Joint Concept Technology Demonstrations (JCTD) within the Command and Control (C2) portfolio will use the following Enterprise services:
       • Attribute Based Access Control (ABAC) - Access control method that uses identity attributes about Users (Humans and Machines) to make security access decisions to data
       • Joint User Messaging (JUM) - DISA enterprise messaging service
       • Common Data Mediation Service (CDMS)
         • Inbound data can be mediated into a canonical model, allowing data consumers to deal with consistently formatted data regardless of origination
         • Outbound data can be mediated into alternative formats as needed, providing interoperability with alternative data formats without having to couple a system to any one format
       • XML Data Repository (Mark Logic) - Enterprise XML repository. Single copy-of-record content storage, on top of which new information products can be created that slice, dice and re-purpose content in new ways so content is easily accessed. (Enterprise License)
     • Intent to use these four services must be documented in the Implementation Directive of new JCTDs starting in FY11 and complied with by pre-FY11 JCTDs
     • ABAC, CDMS, and JUM Enterprise services available for download at Forge.mil (www.Forge.mil)
     • DOD Information Enterprise Architecture provides additional guidance on transformation to net-centric operations at http://cio-nii.defense.gov/sites/diea/

  19. Attribute Based Access Control (ABAC) Services
     • Attribute Service: Exposes Individual’s Attributes by using a Web Service
     • Policy Service: Exposes Policy Statements as a Web Service
     [Diagram labels: User Request; Policy Decision Point; Yes or No; Enterprise Level (Attribute WS-Service, Attribute Store, Policy WS-Service, Policy Store); Local Level, if needed (Attribute WS-Service, Attribute Store, Policy WS-Service, Policy Store)]

  20. Joint User Messaging (JUM)
     • Information Distribution Suite (IDS) provides the technology platform for JUM, supplying a WS-Notification message broker, messaging bus, and web portal for user interfacing components
     • Publish/Subscribe/Alert instead of Point-to-Point
     • Joint User Messaging (JUM) is an enterprise service to enable user-to-user, user-to-machine, and machine-to-machine messaging across the joint enterprise

  21. Enterprise Infrastructure Reference Implementations
     • Critical Infrastructure Time-to-Decide
     • White House 0+45 min
     • Access to data; improved content awareness
     [Diagram labels: Content Discovery; Collaboration (real-time voice, text, video, application sessions); Visualization (Strategic Watch); XML Data Repository*; Attribute Based Access; CDMS; Joint User Messaging (JUM); NCES to JUM Bridge; Lincoln Labs to DECC. Systems and sites labelled: SMADS, SkiWeb, NGA Maps, DISA GISMC, NSLDSS, NSLDSS TOI Tracker, Strategic Watch Server, AEISS (JUON), LAS, Policy Store, CPDP, PEP, M/IDS, NCES ERSA, TMSE (GCCS-J), SIPRNet, DISA DECC Columbus, DISA DECC San Antonio. Display panel text: Active Conferences: CFACC and ONEC; Senior Participants: NCdr, EA; Domestic Attack Assessment: NO ATTACK EXERCISE; Call Sign: DL1123; Acft Type: B767 / US; Crew/Pax: 7 / 128 VIP. Map legend: Interceptors, Flight Plan Route, Presumed target, Velocity vectors, TOI Actual Route of Flt, Splash estimate]
     * Currently XML Data Repository Not Located in the DECC

  22. Common Data Mediation Service (CDMS)

  23. XML Data Repository
     Commercial Based Product that:
     • Stores information in a centralized repository
     • Uses XQuery for access, manipulate and retrieve operations
     • Searches and locates information with pinpoint accuracy
     • Extensive full-text, structured, geospatial, and real-time search features
     • Analyzes to understand and exploit what you have
     • Built in indexes to speed analysis of data
     • Delivers content to users in multiple contexts
     • Send content to multiple devices and users

  24. JUM - SOCOM SharePoint Integration
     [Diagram labels: SOCOM SharePoint Connector; Joint Staff SharePoint Connector]

  25. Net-Centric Guidance
     [Timeline, 2002 to 2010: DoD CIO 3-in-1 memo; ICD 501; DoD Net-Centric Services Strategy; DoD IEA; Net-Centric Data Strategy; JROCM 010-08; 8320.02-M; XML Registration Memo; DoD 8320.02G; DoD Dir 8320.02; CJCSI 6212.01E; CJCSI 6212 Wiki]
     8320: “It is DoD policy that: 4.1. Data is an essential enabler of network-centric warfare (NCW) and shall be made visible, accessible, and understandable to any potential user in the Department of Defense as early as possible in the life cycle to support mission objectives.”
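
The ABAC flow on slides 6 and 19 (User Request, PEP, Policy Decision Point, enterprise-level stores with local-level stores "if needed", and the outcomes Permit, Deny, Unk, N/A) can be sketched as follows. This is an added example, not code from the presentation or from the DISA ABAC service. Assumptions: the attribute names, users and policy are constructed; "Unk" is taken to mean a required attribute could not be resolved and "N/A" that no policy covers the resource; the PEP refuses anything but Permit.

```python
from enum import Enum

class Decision(Enum):
    PERMIT = "Permit"
    DENY = "Deny"
    UNKNOWN = "Unk"          # assumed meaning: a required attribute is missing
    NOT_APPLICABLE = "N/A"   # assumed meaning: no policy covers the resource

# Constructed sample data; attribute names and values are hypothetical.
ENTERPRISE_ATTRS = {
    "alice": {"clearance": "secret", "org": "TRANSCOM"},
    "bob": {"clearance": "unclassified", "org": "TRANSCOM"},
    "carol": {"org": "JFCOM"},   # clearance not held at enterprise level
}
LOCAL_ATTRS = {"carol": {"clearance": "secret"}}

# One policy per resource: each listed attribute must fall in the allowed set.
POLICIES = {
    "movement-feed": {"clearance": {"secret"}, "org": {"TRANSCOM", "JFCOM"}},
}

def resolve_attribute(user, name):
    """Enterprise store first, local store only if needed; None if neither has it."""
    for store in (ENTERPRISE_ATTRS, LOCAL_ATTRS):
        value = store.get(user, {}).get(name)
        if value is not None:
            return value
    return None

def pdp_decide(user, resource):
    """Policy Decision Point: returns one of the four outcomes."""
    policy = POLICIES.get(resource)
    if policy is None:
        return Decision.NOT_APPLICABLE
    values = {name: resolve_attribute(user, name) for name in policy}
    if any(v is None for v in values.values()):
        return Decision.UNKNOWN
    if all(values[name] in allowed for name, allowed in policy.items()):
        return Decision.PERMIT
    return Decision.DENY

def pep_allows(user, resource):
    """Policy Enforcement Point, fail closed: only an explicit Permit passes."""
    return pdp_decide(user, resource) is Decision.PERMIT
```

The fail-closed PEP is the point to check in any deployment: a policy store outage or a missing attribute must surface as a refusal, not as a default allow.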
