Showing posts with label Information sharing environment. Show all posts
Showing posts with label Information sharing environment. Show all posts

June 6, 2008

Information Sharing Standards and Enterprise Architecture

In response to the 9/11 Commission’s recommendations, the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004 called for an Information Sharing Environment (ISE), “an approach that facilitates the sharing of terrorism information” and that requires the President to designate a Program Manager for the ISE and to establish an Information Sharing Council to advise the President and the Program Manager.

The Common Terrorism Information Sharing Standards (CTISS) Program Manual is a construct for ISE. It defines both functional standards and technical standards.

  • Functional standards—According to the CTISS Program Manual, these are “detailed mission descriptions, data and metadata on focused areas that use ISE business processes and information flows to share information.” From an enterprise architecture perspective, I believe this would correspond to the business and information perspectives of the architecture as well as be extended probably to the performance perspective. In other words, functional standards correlate to the three business perspectives of the Federal Enterprise Architecture. These are the standards that define our requirements, in other words, how we measure performance (for example, Balanced Scorecard), how we engineer business processes (for example, Lean Six Sigma), and how we describe information sharing requirements (for example, NIEM or U-CORE, and Information Exchange Package Descriptions).
  • Technical Standards—“methods and techniques to implement information sharing capability…[for] acquiring, accessing, producing, retaining, protecting, and sharing.” From an enterprise architecture perspective, I believe this would correspond to the services, technology, and security perspectives of the architecture. These correlate to the three technical perspectives of the architecture. The technical standards include how systems will interoperate or share information (for example, J2EE, .NET), what technology standards will be employed (for example, XML, SOAP, UDDI) and how security will be assured (for example, various from NIST/FIPS, ISO, IEEE, and so on).

What I like about the CTISS is that it attempts to define a comprehensive framework for the ISE from the highest-level being the domains of information (such as intelligence, law enforcement, homeland security, foreign affairs, and defense) and drills down to the security domains (SBU, Secret, and US-SCI), reference models, (FEA, DoDAF, IC EA…), standard types (metadata, data, exchange, and service), standards bodies (NIEM, W3C, OASIS…), and then the standards themselves.

As an initial impression, I think next steps are to articulate how I share information with you or you share with me. Currently, we are still defining techniques for future sharing of data, like developing metadata, creating a data dictionary and schema, defining exchange standards, and service standards to discover data through registries. It like responding to someone who asks, how do I get to your house, by saying, we need to pave roads, design and manufacture cars or buses, install traffic signs and lights, and so on. That’s all infrastructure that needs to be built. That still doesn’t tell me how I get to your house. While we are making huge progress with information sharing, we’re still at the early stages of figuring out what the infrastructure elements are to share. But it seems to be a running start!


Share/Save/Bookmark

September 7, 2007

Information Sharing Best Practices

There are currently two major federal best practices for information sharing: Netcentricity and the Information Sharing Environment.

The Department of Defense (DoD) adopted a Netcentric Strategy in May 2003.

  • Netcentricity—Netcentricity seeks to ensure data visibility, availability, and usability to accelerate decision-making. This includes data tagging (metadata), posting data to shared spaces, and enabling the many-to-many exchange of data (i.e. many users and applications can access the same data instead of point-to-point interfaces). Netcentricity is the realization of a networked environment.
  • Global Information Grid (GIG)—The GIG is a globally interconnected, end-to-end set of information capabilities, associated processes and personnel for collecting, processing, storing, disseminating and managing information on demand to warfighters, policy makers, and support personnel. The GIG includes all owned and leased communications and computing systems and services, software, data, security services and other associated services necessary to achieve information superiority.
Netcentricity is a strategy for sharing information. As the DoD strategy states: The data strategy is to “shift from private data to community or Enterprise data as a result of increased data “sharing” in the netcentric environment. Tagging, posting, and sharing of data are encouraged through the use of incentives and metrics.” (adapted from DoD Net-Centric Strategy from defense.link.mil, public site)

In 2004, the concept of Netcentricity was extended to the Director of National Intelligence (DNI)’s Information Sharing Environment with the passing of the Intelligence Reform and Terrorism Prevention Act (IRTPA).

  • Information Sharing Environment (ISE)The IRTPA requires the President to establish an ISE “for the sharing of terrorism information in a manner consistent with national security and with applicable legal standards relating to privacy and civil liberties” and the IRTPA defines the ISE to mean “an approach that facilitates the sharing of terrorism information.”

The ISE seeks to “facilitate trusted partnerships among all levels of government, the private sector, and foreign partners…[and to] promote an information sharing culture among partners by facilitating the improved sharing of timely, validated, protected, and actionable terrorism information.” (adapted from Information Sharing Environment Implementation Plan from ISE.gov, public site)

Both Net-centricity and ISE are best practices at increasing information sharing to improve and speed up decision-making and protect our nation and its citizens!

  • As the DoD Net-Centric Strategy states: “the core of the net-centric environment is the data that enables effective decisions.”
  • And similarly, in the ISE Implementation Plan, we read, “the highest priority in creating the ISE must be on facilitating, coordinating and expediting access to protected terrorism information.”

In User-centric EA, information sharing, as appropriate, is one of the primary goals of the architecture. Information is one of the six perspectives (performance, business, information, services, technology, and security, and a seventh to be added is human capital) of the EA. The primary principal of the Information perspective is information sharing and accessibility. Further, the Federal Enterprise Architecture (FEA) Data Reference Model (DRM) is driven by the enablement of sharing information across the federal government and to its partners. The methodology is as follows:

  • Consistently describe data (via metadata)
  • Register the data (to make it discoverable)
  • Develop standards for the exchange of data (to enable interoperability and accessibility)
  • Provide sound governance (including data policy and stewardship).

User-centric EA is driven to fulfill the vision of Net-centricity and ISE.


Share/Save/Bookmark