Information Exchange Policy Vocabulary
Information Exchange Framework (IEF)
March 20, 2012
Presented by: Mike Abramson
• President, Advanced Systems Management Group
• Special Adviser on public safety/security Open Interoperability Standards to Centre for Security Sciences (CSS)
• Architect to Chief Force Development, Canadian Department of National Defence
• Co-chair, OMG C4I Domain Task Force
• Chair, IEF Working Group
• Co-chair, Emergency, Crisis and Major Event Working Group

Presentation
• Challenges to broad-based interagency information sharing and safeguarding
• IEF objectives
• Brief IEF overview
• Brief IEPV overview
• Questions

Information Sharing Challenges
• Improving the information (content) quality:
  • Accuracy: semantics to accurately convey the perceived situation.
  • Relevance: information tailored to specific requirements of the mission, role, task or situation at hand.
  • Timeliness: information flow required to support key processes, including decision making.
  • Usability: information presented in a common, easily understood format.
  • Completeness: information that provides all necessary (or available) information needed to make decisions.
  • Brevity: information tailored to the level of detail required to make decisions and reduce data overload.
  • Trustworthiness: information quality and content can be trusted by stakeholders, decision makers and users.
  • Protected: information is protected from inadvertent or malicious release or use.
• Reducing the number of networks
• Enforcing information sharing policies, rules and constraints during dynamic real-world operations
• Adapting to:
  • dynamic asymmetric threats
  • increasing demand for information across multi-agency operations
  • information and data overload
  • operational context
  • ad hoc coalition and mission partnerships
• Managing Sensitive Information
• Tagging and Labelling of system-generated exchanges
• Privacy, Access, Credential, Identity Decision and Enforcement Services
• Data Redaction Services
• Certifying and accrediting Information Sharing Systems and Services
• Maintaining institutional knowledge and memory

Design Challenges
• Translating legislative mandates, policy and Information Sharing Agreements
• Transforming Information Sharing and Protection policies into system/software enforceable rules
• Standardized Vocabulary
• Modeling Practices and Profiles (Architecture and MDA)
• Operational Services to Manage and Enforce the Policies
• Off the Shelf Tools (COTS)
• Alignment between Information Sharing and Safeguarding Services and Enterprise, Information, System and Technical Architecture
• Development and maintenance cycles that keep pace with operational needs:
  • New, changing and asymmetric threats
  • Shifting Operational Coalitions and Contexts
  • Continuous evolution of Legislation, Policy, SOPs, Technology
• Certifying Information Sharing Capability for Operations
• Control life-cycle costs
• Retain, maintain and exploit institutional knowledge and memory

Capability of Current Approaches
Diagram labels:
• Community / User Applications & Reports (Data in Use)
• Community Specifications (Data in Transit)
• Operational Data (Data at Rest)
• Extract, Transform, Load or Application Code:
  • Often Rigid and Brittle
  • Often Difficult to Maintain and Adapt
  • Typically Non-Responsive to Operations
  • Often Peer-to-Peer
  • Often Task/Organization Specific
  • Often Stove-piped
Organizations often lose institutional knowledge and memory of business rules.

IEF Targeting the Capture and Enforcement of Data Owner Business Rules
Diagram labels:
• Community / User Applications & Reports: Application Semantics; API Structure and Syntax
• Data Owner Business Rules:
  - Transactional Patterns
  - Aggregation (Construction) Plans
  - Processing (Marshalling) Plans
  - Domain Filtering Rules
  - Security and Privacy
  - Quality of Service
  - Context Specialization
  - Data and Structure Transformation Rules
• Information Protection:
  - Semantic Guards
  - Tag and Label Filtering
  - Tear Lines
  - Tag and Label Enforcement
  - Domain Processing and Rule Exchange Agreements
• Community Specifications: Exchange Semantics and Syntax; Exchange Protocols; Exchange Vocabularies and Taxonomies; Messaging Protocols
• Reusable Transactional Patterns
• Data Storage Rules:
  - Data Owner Semantics
  - Data Owner Vocabulary and Taxonomy
  - Data Owner Tags and Labels
  - Data Owner Business Rules, Structures
• Operational Data

NIEM is a primary Target for IEF Policy Enforcement, But there is much more
Diagram labels:
• Types of Information Sharing: Event Drive Global Update; Real-time Data Sharing; Publish and Subscribe; Discover, search and Request
• XBRL, EDXL
• Layer stack:
  • Information Visualization
  • Information Application
  • Data Sharing Services (Message and Data Package Processing, …)
  • Data Services (Protection, Validation & Verification, Transformation, Policy enforcement, Storage …)
  • Information Exchange Framework: Policy-based Data aggregation/processing and information Protection Enforcement
  • Privacy, Access, Credentials, and Identity Decision and Enforcement Services
  • Middleware Services (Security (ICAM, Encryption, …), Session services, …)
  • Security Services
  • Platform (Interfaces, OS, Security, Accreditations, etc…)
  • Networks (Network OS, Protocols, Security, Accreditations, etc …)
  • Communications (Protocols, Frequencies, Security, Accreditations, etc…)
• Levels of Interoperability: Technical Interoperability; Syntactic Interoperability; Semantic Interoperability; Pragmatic; Dynamic; Conceptual
• Wired, Narrowband Mobile, Broadband Mobile, Tactical Networks
• Communications from Gigabits to Bits per second.

IEF Objectives
• Focus on information content and rules rather than mechanisms for discovery and distribution
• Align information sharing and safeguarding to architecture
• Separate business rules from the software services that enforce them, providing:
  • increased flexibility, adaptability and agility
  • increased retention of institutional knowledge and memory
• Increase traceability and auditability of information sharing and protection solutions
• Provide Information Sharing and Safeguarding Policy Enforcement Support for multiple communities (NIEM, HL7, EDXL, XBRL, CAP, MIP, …)
• Enable Model Driven Architecture (MDA) services for Information Sharing and Safeguarding
• Enable the use of reusable data and information patterns

IEF Key Concepts
• Reusable Information Patterns describing the rules for:
  • Information Sharing Contract
  • Message
  • Semantic
  • Data Transactional Patterns
  • Data Aggregation and Marshalling
  • Data Transformation
  • Domain Filters (Static and Dynamic (alterable at Runtime))
  • Semantic Guards (protected Semantic Patterns)
• Simple Extensible Notations
• Transformable into Executable Rules (MDA Process)
• Direct Alignment to Architecture Frameworks
• Open Standards / Open Architecture / Open Source

Where are the IE Policies
Diagram labels:
• Information Sharing, Protection and Release-ability Policies
• Metadata and Publishing Policies
• Information Processing and Action Policies
• LEXS ? NIEM ?
• Information System (two instances)
• IEF (two instances)
• Shared Middleware or Registry/Repository Infrastructure
• Security Services
• Data Aggregation, Information Protection, & Release-ability Policy
• Exchange Semantics, Syntax, Structure, Vocabulary & Business Use Case
• Enforce Access and Distribution Policies
• Receipt Actions & Acknowledgements
• Policy Management Services

Latest List of Policy Enforcement Services
• Current IEPV Focus
  • Policy-based Packaging Services (IEPPS)
    • Focussed on packaging data Information Messages in a manner that is:
      • Context Sensitive
      • Transformed for Use
      • Redacted for Release
  • IEPV Elements (current IEPV Focus)
    • Data aggregation, transformation and filtering
    • Message Packaging and Rendering
    • Minimal Distribution Specification
• Future IEPV Work
  • Policy-based Distribution Services (IEPDS)
    • UML Profile for DDS / DDS (definitely a target)
    • But there are others
  • Policy-based Access Services (IEPAS)
  • Policy-based Credentialing Services (IEPCS)
  • Policy-based Identity Services (IEPIS)
  • Policy-based Information Release Services (IEIRS)
  • Policy-based Security Services (IEPSS)

IEPV Compliance Points
Diagram labels:
• Compliance Point 1
• Compliance Point 2a, b & c
• Compliance Point 3
• Information Exchange Contract
• Information Exchange Specification
• Information Specification
• Distribution Specification
• Message Specification
• Filtered Semantic
• Message Rendering Instruction
• Dataset in a Wrapper (e.g., Binary Message, MIP PDU)
• Complex Messaging (e.g., LEXS)
http://130.207.211.107/content/lexs-overview

IEPV Message: Compliance Point 1
Diagram labels:
• Message
• Message Metadata
• Filtered Semantic
• Filled in by Distribution Service
• Message is rendered by the Distribution Service or User Application
Included to support current SOPES (Annex A) and UPDM Profiles that were derived from the Multilateral Interoperability Programme (MIP) / JC3IEDM.

Compliance Point 2 Sublevels
2a: Adds the provision for Attachments and Policy for Metadata
2b: Adds the provision for a single Information package including
• Package Metadata
• Digest
• Information Payload (Structured)
• Package Rendering Instruction(s)
2c: Adds the provision for multiple information packages and linking (x-referencing) message elements. Individual Packages to include:
• Attachment Summary
• Linkages
• Free text

IEPV Message: Compliance Point 2a
Diagram labels:
• Message
• Message Metadata
• Submitter Metadata
• Information Package 1
• Filtered Semantic (shown twice)
• Attachment 1 (shown three times)

IEPV Message: Compliance Point 2b
Diagram labels:
• Message
• Message Metadata
• Submitter Metadata
• Information Package 1
• Package Metadata
• Digest
• Information Payload
• Rendering Instructions
• Filtered Semantic (shown four times)
• Attachment 1 (shown three times)

IEPV Message: Compliance Point 2c
Diagram labels:
• Message
• Message Metadata
• Submitter Metadata
• Information Package 1, Information Package 2, … Information Package “n”
• Package Metadata
• Digest
• Information Payload
• Attachment Summary
• Linkages
• Rendering Instructions
• Free Text
• Filtered Semantic (shown three times)
• Attachment 1 (shown three times)
• Information Drawn from the Semantic of the elements in the package

LEXS Publish Message
Diagram labels:
• Publish Message
• Publish Message Metadata
• Submitter Metadata
• Data Item Package 1, Data Item Package 2, … Data Item Package n
• Package Metadata
• Digest
• Structured Payload
• Attachment Summary
• Linkages
• Rendering Instructions
• Free Text
• Attachment 1 (shown three times)
http://130.207.211.107/content/lexs-overview

Compliance Point 3: Distribution
• Generic linking of a message (content) to its permissible distribution services / channels and QoS requirements
• UML PSM (under development) should provide linkages to the UML Profile for DDS, but be limited to DDS

IEPV Model
• Model uses the Visual Ontology Modeling
• Proposed by Elisa F. Kendall Sandsoft
• Our AB Buddy
• Will be used to generate and test OWL PSM
• A few examples of the 60+ diagrams in the submission

Questions and Answers
IEPV Review, March 20 2012
Mike Abramson
• Special Adviser on public safety/security Open Interoperability Standards to Centre for Security Sciences (CSS)
• Co-Chair C4I DTF
• Co-Chair Emergency Management SIG
• Chair IEF WG
• President, Advanced Systems Management Group (ASMG) Ltd.
265 Carling Ave, Suite 630, Ottawa, Ontario, K1S2E1
Fax: 613-231-2556
Phone: 613-567-7097 x222
Email: abramson@asmg-ltd.com

MDA for IEF
Diagram labels: Architecture and Engineering Domain; Operational Domain

IEF: One piece of the puzzle
Diagram labels (layer stack):
• Information Visualization
• Information Application
• Data Sharing Services (Message and Data Package Processing, …)
• Data Services (Protection, Validation & Verification, Transformation, Policy enforcement, Storage …)
• Information Exchange Framework: Policy-based Data aggregation/processing and information Protection Enforcement
• Privacy, Access, Credentials, and Identity Decision and Enforcement Services
• Middleware Services (Security (ICAM, Encryption, …), Session services, …)
• Security Services
• Platform (Interfaces, OS, Security, Accreditations, etc…)
• Networks (Network OS, Protocols, Security, Accreditations, etc …)
• Communications (Protocols, Frequencies, Security, Accreditations, etc…)