Justice Information Network Data Exchange (JINDEX) Security and Business Requirements
Washington Integrated Justice Information Board
December 20, 2005
Scott Bream, Department of Information Services
Issues
• The decision to move the PCH/CACH application to production warranted a review of security and authentication requirements.
• Production security requirements are more rigorous than pilot security requirements.
• The need to provide additional identifiers will require modification to the King and Yakima County applications.
• The need to provide multiple authentication requirements over time will require constant re-coding and will prevent JINDEX from scaling.
Pilot Authentication Requirements
• Assumed that consuming entities (King and Yakima Counties) would be responsible and liable for allowing only authorized users access.
• King and Yakima Counties would be required to pass only their agency identifiers to back-end providers.
• Trust from consuming entities would be preserved through encrypted messaging between trusted servers.
• JINDEX will act primarily as a messaging switch, passing through the required credentials.
[Diagram: Pilot Authentication Model. Labels shown: King County, Yakima County, Burien Police, Seattle Police, Yakima Police, City of Othello, IGN, WSP, AOC, TRUST links, King Co. ORI, King Co. RACF ID, King Co. ID, Yakima Co. ORI, Yakima Co. RACF ID, Yakima Co. ID, WSP ACCESS User Agreement, AOC User Agreement.]
Provider-Driven Production Authentication Model
• Based on production requirements established by WSP and AOC.
• Requires input of end-user identifier in addition to consuming entity identifier.
• Creates need for King and Yakima Counties to modify applications.
• Becomes more complex as application grows.
• Not consistent with scalable, highly secure, re-usable Web Services best practices.
[Diagram: Provider-Driven Production Authentication Model. Labels shown: King County, Yakima County, Burien Police, Seattle Police, Yakima Police, City of Othello, IGN, WSP, AOC, ORI and RACF identifiers for King Co., Yakima Co., Burien Police, Seattle Police, Yakima Police and Othello PD, each passed together with the King Co. ID or Yakima Co. ID, WSP ACCESS User Agreement, AOC User Agreement.]
Input and Discussion
Washington State Patrol and Administrative Office of the Courts will provide input on authentication requirements and impacts on code and scalability.
Possible JINDEX Authentication Model
• Assumes that consuming entities would be responsible and liable for allowing only authorized users access.
• Envisions creation of a centralized registration service for each consuming entity that identifies those data-providers to which they have been granted access.
• Would change the role of the JINDEX from simple message broker to trusted agent.
• Will require the creation of new JINDEX services outside the scope of the current contract with Online Business Systems.
[Diagram: Possible Centralized Authentication Model. Labels shown: King County, Yakima County, Burien Police, Seattle Police, Yakima Police, City of Othello, JINDEX Validation Service with a table of King Co., Yakima Co. and WSDOT against WSP, AOC and DOL, TRUST links, King Co. Server ID, Yakima Co. Server ID, King Co. ID, Yakima Co. ID, JINDEX ORI, JINDEX DOL ID, JINDEX RACF ID, WSP ACCESS User Agreement, AOC User Agreement, DOL User Agreement, WSP ACCESS Add-User Agreement, AOC Add-User Agreement, DOL Add-User Agreement.]
Questions?
Scott Bream, DIS
scott@dis.wa.gov
(360) 902-3460