1 Prepared by Advanced Systems Management Group Ltd. Information Exchange Policy Vocabulary...
-
Upload
melanie-phelps -
Category
Documents
-
view
215 -
download
0
Transcript of 1 Prepared by Advanced Systems Management Group Ltd. Information Exchange Policy Vocabulary...
1
Prepared by Advanced Systems Management Group Ltd.
Information Exchange Policy VocabularyInformation Exchange Framework (IEF)
March 20, 2012
Presented by: Mike Abramson President, Advanced Systems Management Group Special Adviser on public safety/security Open Interoperability Standards to Centre for Security
Sciences (CSS) Architect to Chief Force Development Canadian Department of National Defence Co-chair OMG C4I Domain Task Force
Chair IEF Working GroupCo-chair Emergency, Crisis and Major Event Working Group
2
Prepared by Advanced Systems Management Group Ltd.
Presentation
• Challenges to broad-based interagency information sharing and safeguarding
• IEF objectives
• Brief IEF overview
• Brief IEPV overview
• Questions
2
3
Prepared by Advanced Systems Management Group Ltd.
Information Sharing and Safeguarding
3
4
Prepared by Advanced Systems Management Group Ltd.
Data/Information Aggregation and Release
4
5
Prepared by Advanced Systems Management Group Ltd.
Information Sharing Challenges• Improving the information (content) quality:
▫ Accuracy: semantics to accurately convey the perceived situation.▫ Relevance: information tailored to specific requirements of the mission, role, task or situation at hand.▫ Timeliness: information flow required to support key processes, including decision making.▫ Usability: information presented in a common, easily understood format.▫ Completeness: information that provides all necessary (or available) information needed to make decisions.▫ Brevity: information tailored to the level-of-detail required to make decisions and reduce data overload. ▫ Trustworthiness: information quality and content can be trusted by stakeholders, decision makers and users.▫ Protected: Information is protected from inadvertent or Malicious Release or use.
• Reducing the number of networks
• Enforcing information sharing policies, rules and constraints during dynamic real-world operations
• Adapting to:
▫ dynamic asymmetric threats ▫ increasing demand for information across multi-agency operations▫ Information and data overload▫ operational context▫ Adhoc coalition and mission partnerships
• Managing Sensitive Information
▫ Tagging and Labelling of system generated exchanges▫ Privacy, Access, Credential, Identity Decision and Enforcement Services▫ Data redaction Services▫ Certifying and accrediting Information Sharing Systems and Services
• Maintaining institutional knowledge and memory
5
6
Prepared by Advanced Systems Management Group Ltd.
Design Challenges
• Translating legislative mandates, policy and Information Sharing Agreements
• Transforming Information Sharing and Protection policies into system/software enforceable rules▫ Standardized Vocabulary ▫ Modeling Practices and Profiles (Architecture and MDA)▫ Operational Services to Manage and Enforce the Policies ▫ Off the Shelf Tools (COTS)
• Alignment between Information Sharing and Safeguarding Services and Enterprise, Information, system and Technical Architecture
• Development and maintenance cycles keep pace operational needs:▫ New, changing and asymmetric threats ▫ Shifting Operational Coalitions and Contexts▫ Continuous evolution of Legislation, Policy, SOPs, Technology
• Certifying Information Sharing Capability for Operations
• Control Life-cycle costs
• Retain, maintain and exploit Institutional knowledge and memory
6
7
Prepared by Advanced Systems Management Group Ltd.
Capability of Current Approaches
7
Community / UserApplications &
Reports
Operational Data
Data in Use
Data in Transit
Data at Rest
Extract,Transform
Load
or
ApplicationCode
Often Rigid and Brittle
Often Difficult to Maintain and Adapt
Typically Non-Responsive to Operations
Community Specifications
Often Pier-to-Pier
Often Task/Organization Specific
Often Stove-piped
Organizations often lose Institutional knowledge and Memory of Business Rules
8
Prepared by Advanced Systems Management Group Ltd.
IEF Targeting the Capture and Enforcement of Data Owner Business Rules
8
Operational Data
Application SemanticsAPI Structure and Syntax
Exchange AgreementsExchange Semantics and SyntaxExchange ProtocolsExchange Vocabularies and TaxonomiesMessaging Protocols
ReusableTransactional
Patterns
Data Owner Business Rules: - Transactional Patterns - Aggregation (Construction)Plans - Processing (Marshalling) Plans - Domain Filtering Rules - Security and Privacy - Quality of Service - Context Specialization - Data and Structure Transformation Rules Information Protection: - Semantic Guards - Tag and Label Filtering - Tear Lines - Tag and Label Enforcement - Domain Processing and Rule Data Storage Rules:
- Data Owner Semantics - Data Owner Vocabulary and Taxonomy - Data Owner Tags and Labels - Data Owner Business Rules, Structures
Community Specifications
Community / UserApplications &
Reports
9
Prepared by Advanced Systems Management Group Ltd.
NIEM is a primary Target for IEF Policy EnforcementBut there is much more
9
Communications(Protocols, Frequencies, Security, Accreditations, etc…)
Networks (Network OS, Protocols, Security, Accreditations, etc …)
Platform(Interfaces, OS, Security, Accreditations, etc…)
Middleware Services(Security (ICAM, Encryption, …), Session services, …)
Data Services(Protection, Validation &
Verification, Transformation, Policy enforcement, Storage …)
Data Sharing Services(Message and Data Package
Processing, …)
Security Services
Information Application
Information Visualization
Privacy, Access, Credentials, and Identity Decision and Enforcement Services
Information Exchange Framework
Policy-based Data aggregation/processing
andinformation Protection Enforcement
Types of Information Sharing1. Event Drive Global Update2. Real-time Data Sharing3. Publish and Subscribe4. Discover, search and
Request
Levels of Interoperability1. Technical Interoperability2. Syntactic Interoperability3. Semantic Interoperability4. Pragmatic
5. Dynamic6. Conceptual
Wired,
Narrowband Mobile,
Broadband Mobile, Tactic
al Networks
Communications from Gigabits to Bits per
second.
EDXLXBRL
10
Prepared by Advanced Systems Management Group Ltd.
IEF Objectives
• Focus on information content and Rules rather than mechanisms for discovery and distribution
• Align information sharing and safeguarding to architecture
• Separate business rules from the software services that enforce them, providing:▫ increased flexibility, adaptability and agility ▫ Increased the retention of institutional knowledge and Memory▫ Increase traceability and audit-ability of information sharing and
protection solutions
• Provide Information Sharing and Safeguarding Policy Enforcement Support for multiple communities (NIEM, Hl7, EDXL, XBRL, CAP, MIP, …)
• Enable Model Driven Architecture (MDA) services for Information Sharing and Safeguarding
• Enable the use of reusable data and information patterns
10
11
Prepared by Advanced Systems Management Group Ltd.
IEF Key Concepts
• Reusable Information Patterns Describing the rules for:▫ Information Sharing Contract▫ Message▫ Semantic▫ Data Transactional Patterns
Data Aggregation and Marshalling Data Transformation Domain Filters (Static and Dynamic (alterable at Runtime)
▫ Semantic Guards (protected Semantic Patterns)
• Simple Extensible Notations
• Transformable into Executable Rules (MDA Process)
• Direct Alignment to Architecture Frameworks
• Open Standards / Open Architecture / Open Source
11
12
Prepared by Advanced Systems Management Group Ltd.
Security Services
LEXS
Where are the IE Policies
NIEM
Exchange Semantics,Syntax, Structure,
Vocabulary &Business Use Case
?InformationSystem
InformationSystem
Data Aggregation, Information Protection, & Release-ability Policy
Receipt Actions &Acknowledgements
Information Sharing,
Protection and Release-ability
Policies
Shared Middleware or Registry/Repository Infrastructure?
Information Processing and Action Policies
Enforce Access and Distribution
Policies
12
Metadata and Publishing Policies
IEFIE
F
Policy ManagementServices
13
Prepared by Advanced Systems Management Group Ltd.
Latest List of Policy Enforcement Services
• Current IEPV Focus▫ Policy-based Packaging Services (IEPPS)
Focussed on packaging data Information Messages in a mannered that is: Context Sensitive Transformed for Use Redacted for Release
IEPV Elements (current IEPV Focus)
Data aggregation, transformation and filtering Message Packaging and Rendering Minimal Distribution Specification
• Future IEPV Work▫ Policy-based Distribution Services (IEPDS)
UML Profile for DDS / DDS (definitely a target) But there are others
▫ Policy-based Access Services (IEPAS)▫ Policy Based Credentialing Services (IEPCS)▫ Policy-based Identity Services (IEPIS)▫ Policy-based Information Release Services (IEIRS)▫ Policy-based Security Services (IEPSS)
13
14
Prepared by Advanced Systems Management Group Ltd.
IEF ElementsGrowing number of related elements
14
15
Prepared by Advanced Systems Management Group Ltd.
IEPV Compliance Points
15
Information Exchange Contract
http://130.207.211.107/content/lexs-overview
Information Exchange Specification
Information Specification Distribution Specification Information Specification
Compliance Point 1
Compliance Point 3
Compliance Point 2a,b&c
Filtered Semantic
1
1
1
1
1
1
1
1
1
0..*
Message Specification Message Rendering
Instruction
1
0..*
1
0..*
1
1
Dataset in a Wrapper(E.g., Binary Message, MIP PDU)
Complex Messaging(e.g., LEXS)
16
Prepared by Advanced Systems Management Group Ltd.
IEVP Message: Compliance Point 1
16
Message Metadata
Message
Filtered Semantic
Filled in by Distribution Service
Message is rendered by the Distribution Service or User Application
Included to support current SOPES (Annex A) and UPDM Profiles that were derived from the Multilateral Interoperability Programme (MIP) / JC3IEDM
17
Prepared by Advanced Systems Management Group Ltd.
Compliance Point 2
Sublevels
2a: Adds the provision for Attachments and Policy for Metadata
2b: Adds the provision for a single Information package including Package Metadata Digest Information Payload (Structured) Package Rendering Instruction(s)
2c: Adds the provision for multiple information packages and linking (x-referencing) message elements. Individual Packages to include: Attachment Summary Linkages Free text
17
18
Prepared by Advanced Systems Management Group Ltd.
IEVP Message: Compliance Point 2a
18
Message Metadata
Message
Submitter Metadata
Information Package 1
Attachment 1
Attachment 1
Attachment 1
Filtered Semantic
Filtered Semantic
19
Prepared by Advanced Systems Management Group Ltd.
IEVP Message: Compliance Point 2b
19
Message Metadata
Message
Submitter Metadata
Information Package 1
Attachment 1
Attachment 1
Attachment 1
Information Package 1
Package Metadata
Digest
Information Payload
Rendering Instructions
Filtered Semantic
Filtered Semantic
Filtered Semantic
20
Prepared by Advanced Systems Management Group Ltd.
IEVP Message: Compliance Point 2c
20
Message Metadata
Message
Submitter Metadata
Information Package 1
Information Package 2
Information Package “n”
Attachment 1
Attachment 1
Attachment 1
Information Package 1
Package Metadata
Digest
Information Payload
Attachment Summary
Linkages
Rendering Instructions
Free Text
Filtered Semantic
Filtered Semantic
Filtered Semantic
Information Drawn from the Semantic of the
elements in the package
21
Prepared by Advanced Systems Management Group Ltd.
LEXS Publish Message
21
Publish Message Metadata
Publish Message
Submitter Metadata
Data Item Package 1
Data Item Package 2
Data Item Package n
Attachment 1
Attachment 1
Attachment 1
Data Item Package 1
Package Metadata
Digest
Structured Payload
Attachment Summary
Linkages
Rendering Instructions
Free Text
http://130.207.211.107/content/lexs-overview
22
Prepared by Advanced Systems Management Group Ltd.
Compliance Point 3: Distribution
• Generic linking of a message (content) to its permissible distribution services / channels and QoS requirements
• UML PSM (under development) should provide linkages to the UML Profile for DDS, but be limited to DDS
22
23
Prepared by Advanced Systems Management Group Ltd.
Distribution Domain Model for CP3 (DRAFT)
23
24
Prepared by Advanced Systems Management Group Ltd.
IEPV Model
• Model use the Visual Ontology Modeling▫ Proposed by Elisa F. Kendall Sandsoft▫ Our AB Buddy
• Will be used to generate and test OWL PSM
• A few examples of the 60+ diagrams in the submission
24
25
Prepared by Advanced Systems Management Group Ltd.
Information Exchange Contract (CP1)
25
26
Prepared by Advanced Systems Management Group Ltd.
Adding the Properties and Restrictions to the Concepts
26
27
Prepared by Advanced Systems Management Group Ltd.
Filtered Semantic
27
28
Prepared by Advanced Systems Management Group Ltd.
Filtered Transactional
28
29
Prepared by Advanced Systems Management Group Ltd.
Basic Semantic
29
30
Prepared by Advanced Systems Management Group Ltd.
Add Attribution
30
31
Prepared by Advanced Systems Management Group Ltd.
Add Transformations
31
32
Prepared by Advanced Systems Management Group Ltd.
Add Static Filters
32
33
Prepared by Advanced Systems Management Group Ltd.
Questions and Answers
Mike AbramsonSpecial Adviser on public safety/security Open Interoperability Standards to Centre for Security Sciences (CSS)
Co-Chair C4I DTFCo-Chair Emergency Management SIG
Chair IEF WG President Advanced Systems Management Group (ASMG) Ltd.
265 Carling Ave, Suite 630, Ottawa, Ontario, K1S2E1Fax: 613-231-2556
Phone: 613-567-7097 x222Email: [email protected]
IEPV Review March 20 2012
33
35
Prepared by Advanced Systems Management Group Ltd.
MDA for IEFArchitecture and Engineering Domain Operational Domain
35
36
Prepared by Advanced Systems Management Group Ltd.
IEF: One piece of the puzzle
36
Communications(Protocols, Frequencies, Security, Accreditations, etc…)
Networks (Network OS, Protocols, Security, Accreditations, etc …)
Platform(Interfaces, OS, Security, Accreditations, etc…)
Middleware Services(Security (ICAM, Encryption, …), Session services, …)
Data Services(Protection, Validation &
Verification, Transformation, Policy enforcement, Storage …)
Data Sharing Services(Message and Data Package
Processing, …)
Security Services
Information Application
Information Visualization
Privacy, Access, Credentials, and Identity Decision and Enforcement Services
Information Exchange Framework
Policy-based Data aggregation/processing
andinformation Protection Enforcement
37
Prepared by Advanced Systems Management Group Ltd.
37