180 likes | 303 Views
Law Enforcement National Data Exchange SEARCH Annual Membership Group Meeting July 20, 2007. Development Schedule. Anticipated Dates. Increment 1: 1 st Quarter, 2008 Increment 2: 1 st Quarter, 2009 Increment 3: 1 st Quarter, 2010. Development and Implementation.
E N D
Law Enforcement National Data Exchange SEARCH Annual Membership Group Meeting July 20, 2007
Development Schedule Anticipated Dates • Increment 1: • 1st Quarter, 2008 • Increment 2: • 1st Quarter, 2009 • Increment 3: • 1st Quarter, 2010
Development and Implementation • Performance-Based Acquisition • Development contract awarded to Raytheon Company, February 12, 2007 • Contractor start date – February 26, 2007 • Incremental Deployment • Increment I – February 2008 • Sharing of incident/case report information • Search • Correlation (basic) • Visualization (basic) • Limited fail-over capability • Initial support – 50,000 users
Development and Implementation, cont. • Increment II – February 2009 • Add data sets – incarceration data and arrest/booking data • Correlation (advanced) • Visualization (advanced) • Subscription/Notification (advanced) • Analytical/Reporting (basic) • Increasing system fail-over capabilities • 100,000 Users
Development and Implementation, cont. • Increment III – February 2010 • Add data sets – probation/parole data • Enhancements and modifications to previously deployed functionality • Analytical reporting (advanced) • Implement fully redundant system and environments • 200,000 Users • Operations and Maintenance Delivery – September 2010
Major Activities, Milestones, and Reviews for Increment 1 Program Management Integrated Baseline Review (IBR) May 2 Week 8 Development and Test Week 4 Design Concept Review (DCR) Requirements & Architecture Mar 15 Prototyping Critical Design Review (CDR) Week 10 May 8 Detailed Design Final Design Review (CONTROL GATE 3) Week 13 May 30 Production Test Readiness Review (PTRR) Week 21 Jul 26 Component Development, Test & Integration Deployment Readiness Review (DRR) (CONTROL GATE 4) Week 26 Implementation and Integration Aug 29 Functional & Interface Testing System Test Readiness Review (STRR) (CONTROL GATE 5) Week 31 Oct 4 Deploy to CJIS Acceptance Test Readiness Review (ATRR) Week 34 Oct 26 System Test Operational Readiness Review (ORR) Nov 13 Acceptance Test Operational Acceptance Review (OAR) (CONTROL GATE 6) Feb 2008 Training, C&A, Deployment Operations and Maintenance Operations and Maintenance
N-DEx Data Sensitivity Levels The entering agency categorizes data submitted to the System into levels of sensitivity upon which the dissemination of the information/data is controlled. APB Approved Sensitivity Levels: LEVEL 1 - SHARED N-DEx shall provide the capability for data contributors to allow sharing data it submits to N-DEx LEVEL 2 – CONDITIONALLY SHARED N-DEx shall provide the capability for data contributors to specify “pointer based” sharing of data. (i.e. provide POC information only) LEVEL 3 – NOT SHARED N-DEx shall provide the capability for data contributors to restrict data its submits to N-DEx. This level is reserved for the most restricted investigations and investigative information. - This capability will allow agencies to submit information for sharing but control the dissemination of sensitive information to protect investigative equities. - Sensitivity applied to specific data elements if needed
Key Data Sharing Requirements: Increment 1 Allow agency to control how and with whom their data is shared Agencies can enforce sharing restrictions for their data through agency-administered policy on N-DEx or by tagging data prior to submission to N-DEx. Accommodate changes to sharing policy N-DEx provides tools and mechanisms to allow each agency policy to change/select policies, without modifications to N-DEx system Allow data contributors to designate their data as: Unrestricted sharing (Green) * Pointer-based sharing (Yellow) * Restricted sharing (Red) * Allows data contributor to specify “exceptions” for red or yellow data (i.e. who can view the red or yellow data) 8 8
Key Data Sharing Requirements: Increment 1 (cont.) Allow data contributors to grant access to pointer-based (yellow) and restricted (red) data to selected users, groups, or agencies N-DEx provides tools for fine-grained access control, e.g., to certain individuals or groups/task forces Allow data contributors to configure sharing rules at the record, element/attribute or groups of elements/attributes level N-DEx provides tools for fine-grained access control, e.g., to certain elements such as victim identifying information Allow agencies to tag data prior to submission to N-DEx Agencies can restrict sharing at the record level only using this method Agencies can select generally who can view their red or yellow data using N-DEx User Interface – applies to all red or yellow records Agencies can’t take full advantage of the flexible sharing policies if they opt to tag their data prior to submission (but can configure N-DEx to ignore their tags and use N-DEx tagging policies at a later time) 9 9
Implementation Process • During integration planning, Contributor indicates sharing policy intent: • Unrestricted data only (ALL GREEN) • Agency-supplied tags • N-DEx assigned tags unrestricted data only N-DEx assigned tags agency-supplied tags • Contributor • Creates and assigns sharing groups • Contributor • Selects subset of rules appropriate for its data • Creates and assigns sharing groups • During operations, Contributor may • Modify sharing groups • During operations, Contributor may • Modify sharing groups • Affect (activate/deactivate) sharing rules • Affect specific records, all records, or new submissions Contributor may migrate from unrestricted data (ALL GREEN) only, or agency-supplied, to N-DEx-assigned tags after coordinating with N-DEx operations staff
Granularity of Sharing Policy • Sharing policy can apply to • entire records • specific elements/attributes within the record, or • groups of elements/attributes • If data received pre-tagged, sharing policy must apply to entire record (#’s 1-3 in example)
Sharing Rules, Increment 1 In Increment 1, contributors can select rules from a pre-defined list Candidate rules include: Note: “personal identifying data” is Name, SSN, Age, and Address 12
Sharing Rules for “Pre-Tagged” Data If a contributor chooses to submit data pre-tagged sharing policy specifies who has access to any restricted (RED) or pointer-based (YELLOW) incident reports 13
Interfaces – Business Rules • Insert/Replace • Based on unique data item id • When publish instruction is “Insert” • Record does not exist in N-DEx: record is Inserted • Record exists in N-DEx: record is Replaced • Delete • Based on unique data item id • When publish instruction is “Delete” • Record exists in N-DEx: record is deleted. • Send expungements as a “Delete” Message
Interfaces – Business Rules • Supplements • Supplements: two records logically related. • The LEA System has two options: • Option 1: Represent in N-DEx as two records • Option 2: In mapping create one Report with all of the entities of both records. • When a supplement is created the LEA System must send the original record and all supplements. • Example: For N-DEx purposes a supplement is a record that is related to another record but managed separately by the RMS system. These are commonly seen as records numbered like: 12345 (primary record), 12345.1 (supplement 1 to 12345), 12345.2 (supplement 2 to 12345).
Continued Role of N-DEx SMEs • Raytheon usability prototype and wireframes • On-line review and comments • Participation over several months as Increment 1 evolves • Participation will continue for Increment 2 & 3 • Training/Audit • Review CBT and Training Guides • Review Audit Plan and Guide • Participate in Testing • Functional and Interface Testing • Acceptance Testing • Cost Modeling • Participate in validation of Cost Modeling Study
Role of CJIS Systems Officer (CSO) • The Advisory Policy Board tasked the N-DEx Program Office with conducting an analysis of each state’s role for N-DEx connectivity. • Brief questionnaire sent to all CSOs by N-DEx Program Office during week of June 25, 2007, requesting response by July 16, 2007. The questionnaire focused on the CJIS system responsibilities for each CSO within their respective state in reference to the N-DEx system (i.e. monitoring system usage, system discipline, CJIS operating procedures, and other related duties outlined in the User Agreement). • The N-DEx Program Office will report the findings of the CSO analysis at the Fall CJIS Working Group Meetings scheduled August 15-16, 2007, in Denver Colorado.
Questions N-DEx Program Office Criminal Justice Information Services Division 1000 Custer Hollow Road Clarksburg, WV 26306-0101 (304) 625-4219 ndex@LEO.GOV