1 Prepared by Advanced Systems Management Group Ltd. Information Exchange Policy Vocabulary...

1

Prepared by Advanced Systems Management Group Ltd.

Information Exchange Policy VocabularyInformation Exchange Framework (IEF)

March 20, 2012

Presented by: Mike Abramson President, Advanced Systems Management Group Special Adviser on public safety/security Open Interoperability Standards to Centre for Security

Sciences (CSS) Architect to Chief Force Development Canadian Department of National Defence Co-chair OMG C4I Domain Task Force

Chair IEF Working GroupCo-chair Emergency, Crisis and Major Event Working Group

2


Presentation

• Challenges to broad-based interagency information sharing and safeguarding

• IEF objectives

• Brief IEF overview

• Brief IEPV overview

• Questions

2

3


Information Sharing and Safeguarding

3

4


Data/Information Aggregation and Release

4

5


Information Sharing Challenges• Improving the information (content) quality:

▫ Accuracy: semantics to accurately convey the perceived situation.▫ Relevance: information tailored to specific requirements of the mission, role, task or situation at hand.▫ Timeliness: information flow required to support key processes, including decision making.▫ Usability: information presented in a common, easily understood format.▫ Completeness: information that provides all necessary (or available) information needed to make decisions.▫ Brevity: information tailored to the level-of-detail required to make decisions and reduce data overload. ▫ Trustworthiness: information quality and content can be trusted by stakeholders, decision makers and users.▫ Protected: Information is protected from inadvertent or Malicious Release or use.

• Reducing the number of networks

• Enforcing information sharing policies, rules and constraints during dynamic real-world operations

• Adapting to:

▫ dynamic asymmetric threats ▫ increasing demand for information across multi-agency operations▫ Information and data overload▫ operational context▫ Adhoc coalition and mission partnerships

• Managing Sensitive Information

▫ Tagging and Labelling of system generated exchanges▫ Privacy, Access, Credential, Identity Decision and Enforcement Services▫ Data redaction Services▫ Certifying and accrediting Information Sharing Systems and Services

• Maintaining institutional knowledge and memory

5

6


Design Challenges

• Translating legislative mandates, policy and Information Sharing Agreements

• Transforming Information Sharing and Protection policies into system/software enforceable rules▫ Standardized Vocabulary ▫ Modeling Practices and Profiles (Architecture and MDA)▫ Operational Services to Manage and Enforce the Policies ▫ Off the Shelf Tools (COTS)

• Alignment between Information Sharing and Safeguarding Services and Enterprise, Information, system and Technical Architecture

• Development and maintenance cycles keep pace operational needs:▫ New, changing and asymmetric threats ▫ Shifting Operational Coalitions and Contexts▫ Continuous evolution of Legislation, Policy, SOPs, Technology

• Certifying Information Sharing Capability for Operations

• Control Life-cycle costs

• Retain, maintain and exploit Institutional knowledge and memory

6

7


Capability of Current Approaches

7

Community / UserApplications &

Reports

Operational Data

Data in Use

Data in Transit

Data at Rest

Extract,Transform

Load

or

ApplicationCode

Often Rigid and Brittle

Often Difficult to Maintain and Adapt

Typically Non-Responsive to Operations

Community Specifications

Often Pier-to-Pier

Often Task/Organization Specific

Often Stove-piped

Organizations often lose Institutional knowledge and Memory of Business Rules

8


IEF Targeting the Capture and Enforcement of Data Owner Business Rules

8

Operational Data

Application SemanticsAPI Structure and Syntax

Exchange AgreementsExchange Semantics and SyntaxExchange ProtocolsExchange Vocabularies and TaxonomiesMessaging Protocols

ReusableTransactional

Patterns

Data Owner Business Rules: - Transactional Patterns - Aggregation (Construction)Plans - Processing (Marshalling) Plans - Domain Filtering Rules - Security and Privacy - Quality of Service - Context Specialization - Data and Structure Transformation Rules Information Protection: - Semantic Guards - Tag and Label Filtering - Tear Lines - Tag and Label Enforcement - Domain Processing and Rule Data Storage Rules:

- Data Owner Semantics - Data Owner Vocabulary and Taxonomy - Data Owner Tags and Labels - Data Owner Business Rules, Structures

Community Specifications

Community / UserApplications &

Reports

9


NIEM is a primary Target for IEF Policy EnforcementBut there is much more

9

Communications(Protocols, Frequencies, Security, Accreditations, etc…)

Networks (Network OS, Protocols, Security, Accreditations, etc …)

Platform(Interfaces, OS, Security, Accreditations, etc…)

Middleware Services(Security (ICAM, Encryption, …), Session services, …)

Data Services(Protection, Validation &

Verification, Transformation, Policy enforcement, Storage …)

Data Sharing Services(Message and Data Package

Processing, …)

Security Services

Information Application

Information Visualization

Privacy, Access, Credentials, and Identity Decision and Enforcement Services

Information Exchange Framework

Policy-based Data aggregation/processing

andinformation Protection Enforcement

Types of Information Sharing1. Event Drive Global Update2. Real-time Data Sharing3. Publish and Subscribe4. Discover, search and

Request

Levels of Interoperability1. Technical Interoperability2. Syntactic Interoperability3. Semantic Interoperability4. Pragmatic

5. Dynamic6. Conceptual

Wired,

Narrowband Mobile,

Broadband Mobile, Tactic

al Networks

Communications from Gigabits to Bits per

second.

EDXLXBRL

10


IEF Objectives

• Focus on information content and Rules rather than mechanisms for discovery and distribution

• Align information sharing and safeguarding to architecture

• Separate business rules from the software services that enforce them, providing:▫ increased flexibility, adaptability and agility ▫ Increased the retention of institutional knowledge and Memory▫ Increase traceability and audit-ability of information sharing and

protection solutions

• Provide Information Sharing and Safeguarding Policy Enforcement Support for multiple communities (NIEM, Hl7, EDXL, XBRL, CAP, MIP, …)

• Enable Model Driven Architecture (MDA) services for Information Sharing and Safeguarding

• Enable the use of reusable data and information patterns

10

11


IEF Key Concepts

• Reusable Information Patterns Describing the rules for:▫ Information Sharing Contract▫ Message▫ Semantic▫ Data Transactional Patterns

Data Aggregation and Marshalling Data Transformation Domain Filters (Static and Dynamic (alterable at Runtime)

▫ Semantic Guards (protected Semantic Patterns)

• Simple Extensible Notations

• Transformable into Executable Rules (MDA Process)

• Direct Alignment to Architecture Frameworks

• Open Standards / Open Architecture / Open Source

11

12


Security Services

LEXS

Where are the IE Policies

NIEM

Exchange Semantics,Syntax, Structure,

Vocabulary &Business Use Case

?InformationSystem

InformationSystem

Data Aggregation, Information Protection, & Release-ability Policy

Receipt Actions &Acknowledgements

Information Sharing,

Protection and Release-ability

Policies

Shared Middleware or Registry/Repository Infrastructure?

Information Processing and Action Policies

Enforce Access and Distribution

Policies

12

Metadata and Publishing Policies

IEFIE

F

Policy ManagementServices

13


Latest List of Policy Enforcement Services

• Current IEPV Focus▫ Policy-based Packaging Services (IEPPS)

Focussed on packaging data Information Messages in a mannered that is: Context Sensitive Transformed for Use Redacted for Release

IEPV Elements (current IEPV Focus)

Data aggregation, transformation and filtering Message Packaging and Rendering Minimal Distribution Specification

• Future IEPV Work▫ Policy-based Distribution Services (IEPDS)

UML Profile for DDS / DDS (definitely a target) But there are others

▫ Policy-based Access Services (IEPAS)▫ Policy Based Credentialing Services (IEPCS)▫ Policy-based Identity Services (IEPIS)▫ Policy-based Information Release Services (IEIRS)▫ Policy-based Security Services (IEPSS)

13

14


IEF ElementsGrowing number of related elements

14

15


IEPV Compliance Points

15

Information Exchange Contract

http://130.207.211.107/content/lexs-overview

Information Exchange Specification

Information Specification Distribution Specification Information Specification

Compliance Point 1

Compliance Point 3

Compliance Point 2a,b&c

Filtered Semantic

1

1

1

1

1

1

1

1

1

0..*

Message Specification Message Rendering

Instruction

1

0..*

1

0..*

1

1

Dataset in a Wrapper(E.g., Binary Message, MIP PDU)

Complex Messaging(e.g., LEXS)

16


IEVP Message: Compliance Point 1

16

Message Metadata

Message

Filtered Semantic

Filled in by Distribution Service

Message is rendered by the Distribution Service or User Application

Included to support current SOPES (Annex A) and UPDM Profiles that were derived from the Multilateral Interoperability Programme (MIP) / JC3IEDM

17


Compliance Point 2

Sublevels

2a: Adds the provision for Attachments and Policy for Metadata

2b: Adds the provision for a single Information package including Package Metadata Digest Information Payload (Structured) Package Rendering Instruction(s)

2c: Adds the provision for multiple information packages and linking (x-referencing) message elements. Individual Packages to include: Attachment Summary Linkages Free text

17

18


IEVP Message: Compliance Point 2a

18

Message Metadata

Message

Submitter Metadata

Information Package 1

Attachment 1

Attachment 1

Attachment 1

Filtered Semantic

Filtered Semantic

19


IEVP Message: Compliance Point 2b

19

Message Metadata

Message

Submitter Metadata


Attachment 1

Attachment 1

Attachment 1


Package Metadata

Digest

Information Payload

Rendering Instructions

Filtered Semantic

Filtered Semantic

Filtered Semantic

20


IEVP Message: Compliance Point 2c

20

Message Metadata

Message

Submitter Metadata



Information Package “n”

Attachment 1

Attachment 1

Attachment 1


Package Metadata

Digest

Information Payload

Attachment Summary

Linkages


Free Text

Filtered Semantic

Filtered Semantic

Filtered Semantic

Information Drawn from the Semantic of the

elements in the package

21


LEXS Publish Message

21

Publish Message Metadata

Publish Message

Submitter Metadata

Data Item Package 1

Data Item Package 2

Data Item Package n

Attachment 1

Attachment 1

Attachment 1

Data Item Package 1

Package Metadata

Digest

Structured Payload

Attachment Summary

Linkages


Free Text

http://130.207.211.107/content/lexs-overview

22


Compliance Point 3: Distribution

• Generic linking of a message (content) to its permissible distribution services / channels and QoS requirements

• UML PSM (under development) should provide linkages to the UML Profile for DDS, but be limited to DDS

22

23


Distribution Domain Model for CP3 (DRAFT)

23

24


IEPV Model

• Model use the Visual Ontology Modeling▫ Proposed by Elisa F. Kendall Sandsoft▫ Our AB Buddy

• Will be used to generate and test OWL PSM

• A few examples of the 60+ diagrams in the submission

24

25


Information Exchange Contract (CP1)

25

26


Adding the Properties and Restrictions to the Concepts

26

27


Filtered Semantic

27

28


Filtered Transactional

28

29


Basic Semantic

29

30


Add Attribution

30

31


Add Transformations

31

32


Add Static Filters

32

33


Questions and Answers

Mike AbramsonSpecial Adviser on public safety/security Open Interoperability Standards to Centre for Security Sciences (CSS)

Co-Chair C4I DTFCo-Chair Emergency Management SIG

Chair IEF WG President Advanced Systems Management Group (ASMG) Ltd.

265 Carling Ave, Suite 630, Ottawa, Ontario, K1S2E1Fax: 613-231-2556

Phone: 613-567-7097 x222Email: [email protected]

IEPV Review March 20 2012

33

35


MDA for IEFArchitecture and Engineering Domain Operational Domain

35

36


IEF: One piece of the puzzle

36

Communications(Protocols, Frequencies, Security, Accreditations, etc…)

Networks (Network OS, Protocols, Security, Accreditations, etc …)

Platform(Interfaces, OS, Security, Accreditations, etc…)

Middleware Services(Security (ICAM, Encryption, …), Session services, …)

Data Services(Protection, Validation &

Verification, Transformation, Policy enforcement, Storage …)

Data Sharing Services(Message and Data Package

Processing, …)

Security Services

Information Application

Information Visualization

Privacy, Access, Credentials, and Identity Decision and Enforcement Services

Information Exchange Framework

Policy-based Data aggregation/processing

andinformation Protection Enforcement

37


37

1 Prepared by Advanced Systems Management Group Ltd. Information Exchange Policy Vocabulary...

Documents

Transcript of 1 Prepared by Advanced Systems Management Group Ltd. Information Exchange Policy Vocabulary...