170 likes | 348 Views
A SAR Solution The First Steps…. Suzette McLeod, IJIS Institute Aaron Gorrell, Waterhole Software. LE SAR Process. Information Exchange Key. Existing Exchange. SAR IEPD. Future SAR IEPDs ??. Suspicious Activity. 911/PSAP. Private Industry. Dispatched LE. Observer.
E N D
A SAR SolutionThe First Steps… Suzette McLeod, IJIS Institute Aaron Gorrell, Waterhole Software
LE SAR Process Information Exchange Key Existing Exchange SAR IEPD Future SAR IEPDs ?? Suspicious Activity 911/PSAP Private Industry Dispatched LE Observer Dispatch (CAD) System Intel System Record Mgt System (RMS) Law Enforcement Investigation or Intelligence Local Law Enforcement Law Enforcement Dispatch Fusion Center Systems State Designated Fusion Center Local Fusion Center* Other State Fusion Centers JTTF / FIG Information Sharing Environment (ISE) * The Local Fusion Center may refer to local intel analytical centers, UASIs, state regional fusion centers, etc..
Data Sharing Concerns • Local and state data sharing and retention statutes and policies vary significantly • Where laws don’t prohibit sharing, the political “noise” may limit SAR sharing • Concerns exist about ISE consumers not respecting local data retention policies
Privacy Solution • Detailed SAR IEPDincludes all SAR data elements with the personal identifying information (PII) uniquely identified for later purging per senders’ date. • Summary SAR IEPDis the detailed SAR excluding PII
Your & My Challenge • Finds ways to leverage and augment EXISTING processes and systems to meet these new information sharing needs • Acknowledge that we will need to tag, flag, and share information based on; • Predefined criteria • Real time human determination • Reactive identification based on Alerts • Proactive identification based on realtime content
SAR Progress • Created a robust IEPD using GJXDM • Now migrating IEPD to NIEM 2.0/Harmony • Reorganizing schema to leverage LEXS capabilities and NDEx cross-referencing • Seeking diverse pilot partners • LE, Fusion Center, DOD Force Protection, Border Control, Port Authority
What is LEXS? • Developed by DOJ/Law Enforcement Information Sharing Program (LEISP) • Uses and depends on entities and associations defined in NIEM • Paradigm shift in organizing and structuring IEPD’s • An extensible framework for creating interoperable IEPDs • Systems will be able to process and display data in LEXS structured schema without system modification (loosely coupled) • Publication & Discovery (LEXS-PD) • For publishing and updating data from a source to a consumer • Is the basis for SAR and N-DEx data submission • Search & Retrieval (LEXS-SR) • For system-to-system federated searches and result drill-downs
X IEPD Consistency • Definition: • Two groups independently developing IEPDs for the same purpose will create incompatible IEPDs. • Result: • Small-scale interoperability between coordinating partners, but not large-scale interoperability between independent community members (i.e., the ultimate promise of standards) • Mitigations: • Top-down standards: requires “center of mass” • Formal standards: long, arduous process • Consensual standards: hard to gather and govern enough participants to “tip”
The “Polyglot” Problem • Definition: • An organization that exchanges data with multiple partners must simultaneously support multiple distinct IEPDs. • Result: • Cost and expertise are limiting factors in the attempt to create robust, rich networks of information exchange – instead, sharing is disjoint and/or shallow
Message Message Metadata Package Package Metadata Package Digest Community Payload Rendering Instructions Package ……………….. Package Attachment ……………….. Attachment Attachment LEXS-PD NIEM DocumentType DocumentType Person Activity Organization A Organization B
Package Metadata • LEXS Version • Data Sensitivity • Data Source Organization • Data Source System • Data Source Contact • Message Date/Time • Message Sequence Number
The Digest • Subset of NIEM • Most commonly used entities and relationships
Digest Associations Telephone Number Person Organization (e.g., gang, corporation, school) Location Property (e.g., vehicle, boat weapon, drug)
The Payload • Location for exchange-specific data not included in the digest • Does not have to be consumed by the receiving system • Human readable when linked with a stylesheet
Rendering Instructions • Link to XSLT file(s) • XSLT Files describe how to display payload (Stylesheet)
Attachments • Attachments are any kind of binary or text-based content
Challenges • Dependent on high degree of common elements across IEPD’s • Current version has been developed with Law Enforcement in mind – digest may not be appropriate for all domains • Latest version LEXS 3.1 is based on NIEM 1.0 • Core.gov