Program Manager, Information Sharing Environment
UNCLASSIFIED
UNCLASSIFIED
ISE Enterprise Architecture and Common Standards Program
UNCLASSIFIED
04/19/23 UNCLASSIFIED 2
IRTPA Section 1016: Creating the ISE
President George W. Bush on signingthe Intelligence Reform and Terrorist Prevention Act
17 December 2004
Section 1016, as amended*:
“The President shall –
(A) create an information sharing environment for the sharing of terrorism information in a manner consistent with national security and with applicable legal standards relating to privacy and civil liberties;
(B) designate the organizational and management structures that will be used to operate and manage the ISE; and
(C) determine and enforce the policies, directives, and rules that will govern the content and usage of the ISE.”
* The Implementing Recommendations of the 9/11 Commission Act of 2007, enacted in August of this year, included amendments to section 1016. The new law expands the scope of the ISE to explicitly include homeland security and terrorism-related weapons of mass destruction information.
UNCLASSIFIED
04/19/23 UNCLASSIFIED 3
National Strategy for Information Sharing
• National Strategy for Information Sharing: Success and Challenges in Improving Terrorism-Related Information Sharing issued on October 31, 2007 by President Bush
• Prioritizes and unifies the Nation’s efforts to advance the sharing of terrorism-related information
UNCLASSIFIED
04/19/23 UNCLASSIFIED 4
Elements of National Strategy for Information Sharing
• Providing a framework for enhanced information sharing among Federal, State, local, and tribal officials, the private sector, and foreign partners
• Describing the Federal Government's approach to support State and major urban area fusion centers
• Protecting the legal rights of Americans especially in the area of privacy and civil liberties
The Strategy will help ensure those responsible for combating terrorism and protecting our local communities have access to the timely and accurate information they need by:
UNCLASSIFIED
ISE Implementation Plan• Responds to 11 specific IRTPA
requirements• DNI sent to Congress - Nov06• Described the vision and strategic
goals for the future ISE• Laid out two-phase implementation
approach– Phase 1: Nov 2006 – June 2007– Phase 2: July 2007 – June 2009
• Incorporated responses to Presidential Information Sharing Guidelines
• Defines ISE Enterprise Architecture Framework and common standards (chapter 6)www.ise.gov
UNCLASSIFIED
04/19/23 UNCLASSIFIED 6
Who is the ISE?• Multiple Communities of Interest• Multiple User Types• Multiple Governmental and Non-governmental Entities
IntelLaw
Enforcement
ForeignAffairs
Homeland Security
Defense
OperatorsOperators
Command & ControlCommand & Control
AnalystsAnalysts
InvestigatorsInvestigators
CollectorsCollectors
RespondersResponders
Federal
State, Local, Tribal
Foreign Partners
Private Sector
Terrorism Info(Terrorism, Homeland
Security, and WMD and Law Enforcement as it relates to Terrorism)
UNCLASSIFIED
04/19/23 UNCLASSIFIED 7
Why ISE Architecture and Common Standards Program?
• The Problem– Need to weave together cross-agency, cross domain, national security
and civil processes and systems to support the requirements of the ISE– Factors in responding to the problem
• National security and homeland security processes and resources• Controlled Unclassified Information (CUI)• Privacy and civil liberties protections• Domestic intelligence - foreign intelligence• Seamless Federal, state, local, and tribal integration• Investment Strategies (consistent with governmental guidelines)
– Acknowledgment this is a new, undefined area for government
• Federal law and Presidential direction– IRTPA (December 2004)– Presidential Guidelines (December 16, 2005 Presidential Memo)– National Strategy for Information Sharing (October 2007)
UNCLASSIFIED
04/19/23 UNCLASSIFIED 8
ISE Enterprise Architecture Framework, Version 1.0
• Purpose– Provide a terrorism information
sharing dimension across civil and national security enterprise architectures
– Meet IRTPA direction to “plan for” the ISE using technology
– Aid ISE participants with integration and connection guidance to the ISE
UNCLASSIFIED
ISE EAF – Architect’s & Implementer’s ViewsFEA Reference Models
ISEEnterprise
ArchitectureFramework
FEA Business Ref Model
Business Partition
Data Partition
Application & Service Partition
TechnicalPartition
ISE EAF -Architect’s
View
ISE EAF –Implementer’s
View
FEA Business Ref Model
FEA Performance
Ref Model
FEA Data
Ref Model
FEA Service Component Ref Model
FEA Technical Ref Model
Policy & Governance
Information Assurance (IA)
Core Services
Portal Services
ISE Core
Core Transport
Agency/Center …
Fusion Center X
Applications
Agency Transport
Shared Data Assets
Agency A
Shared Services
FEA Reference Models
ISEEnterprise
ArchitectureFramework
FEA Business Ref Model
Business Partition
Data Partition
Application & Service Partition
TechnicalPartition
ISE EAF -Architect’s
View
ISE EAF –Implementer’s
View
FEA Business Ref Model
FEA Performance
Ref Model
FEA Data
Ref Model
FEA Service Component Ref Model
FEA Technical Ref Model
Policy & Governance
Information Assurance (IA)
Core Services
Portal Services
ISE Core
Core Transport
Agency/Center …
Fusion Center X
Applications
Agency Transport
Shared Data Assets
Agency A
Shared Services
UNCLASSIFIED
Impact of an EAF for the ISE
Impacts across three disciplines:
1. Business Processes
2. Policy
3. Technology
ISE EAF will enable the ISE by:
1. Translating ISE business process needs into a cohesive and aligned investment strategy
2. Identifying policy areas
3. Provide a program management tool for building the ISE (oversee implementation of ISE)
ISE EAF Aligned with the FEA• Priorities aligned with strategic plans
and executive level direction.
• Proactive and collaborative across the Federal government
• Architecture development is an integral part of the capital investment process. No investment should be made without a business-driven architecture.
Participant A
Participant B
Users
Users
Applications
Applications
Databases
Databases
Information Sharing Environment
ISE Space
ISE Space
Core ServicesDiscoveryIA SecurityMediationMessagingEnterprise
ManagementCollaboration
User AssistanceStorage
Application
ISE PortalService RegistrationISE Documentation
ISE StatusService DiscoveryUser Assistance
Search ToolsPortal HostingAdmin Alerts
UNCLASSIFIED
04/19/23 UNCLASSIFIED 1104/19/23 UNCLASSIFIED 11
ISE EAF: Application and Services
ISE Shared Space:
• Common Terrorism Information Sharing Standards.
• Common IA model.
UNCLASSIFIED
04/19/23 UNCLASSIFIED 12
FEA-ISE Profile, Version 1.0• Purpose
– A companion document to the ISE EAF, Version 1.0 (released 30 Aug ‘07)
– Describes how agencies use existing resources, standards, best practices and use cases to implement ISE attributes and connect to the ISE
– Communicated compliance through OMB’s Federal Transition Framework Catalog
– Current OMB Profiles• Security and Privacy• Geospatial• Records Management
UNCLASSIFIED
04/19/23 UNCLASSIFIED 13
Using the ISE EAF and FEA-ISE Profile
FEA-ISE Profile
ISE Core Component
Specs
Department/Agency X
System X
System I
ISE Core
Dept/ Agency X
EA
System X Architecture
ISE Enterprise
ArchitectureFramework
System I Architecture
FTFCatalog
Policy & Governance
Information Assurance (IA)
ISE EAF – Implementer’s View
Core Services
Portal Services
ISE Core
Core Transport
Agency/Center …
Fusion Center X
Applications
Agency Transport
Shared Data Assets
Agency A
Shared Services
Policy & Governance
Information Assurance (IA)
ISE EAF – Implementer’s View
Core Services
Portal Services
ISE Core
Core Transport
Core Services
Portal Services
ISE Core
Core Transport
Agency/Center …Agency/Center …
Fusion Center XFusion Center X
Applications
Agency Transport
Shared Data Assets
Agency A
Shared Services
Applications
Agency Transport
Shared Data Assets
Agency A
Shared Services
• ISE Business Processes
• ISE Performance Metrics
• EAF: Enterprise Architecture Framework• FEA: Federal Enterprise Architecture• FTF: Federal Transition Framework
Agency Capital Planning &Investment Control (CPIC)
Process >> Exhibits 53 & 300
Version 1.0 (December 2006)
UNCLASSIFIED
04/19/23 UNCLASSIFIED 14
ISE Standards Objective
“The ISE must, to the extent possible, be supported by common standards that maximize the acquisition, access, retention, production, use, management, and sharing of terrorism information within the ISE consistent with the protection of intelligence, law enforcement, protective, and military sources, methods, and activities.”
President’s Memorandum for the Headsof Executive Departments and AgenciesDecember 16, 2005
UNCLASSIFIED
04/19/23 UNCLASSIFIED 15
Taxonomy of the CTISS
STANDARDSDomestic and International
CTISSIn accordance with IRTPA and Guideline 1,
Common Standards for the ISE
Functional Standards (FS)FS issuances under theISE Issuance System
Technical StandardsGuidance (G) issuances under the
ISE Issuance System
Information ExchangesInformation Exchange Package Documentation, etc.
Voluntary Consensus Standards
Government-uniqueStandards
OtherStandards
Functional standards: Rules, conditions, guidelines, and characteristics of data, mission products, and detailed operational activity supporting ISE business process areas. Technical standards: Specific technical methodologies and practices to design and implement information sharing capability into ISE systems.
CTISS ProgramIssuance
UNCLASSIFIED
04/19/23 UNCLASSIFIED 16
Common Terrorism Information Sharing Standards
• Better terrorism-related information sharing through standard formats, rules and conditions
• Relationships established with the National Information Exchange Model and DOD/IC U-Core to assist in developing and harmonizing standards across the ISE
ISM CAPCO NIEM/Global JXDM
XMLSOAPREST
UDDIISO 9000
ISO 17799
DublinCore
FIPSDDMS
CAPCO: Controlled Access Program Coordination OfficeDCMI: Dublin Core Metadata InitiativeDDMS: DoD Discovery Metadata SpecificationFIPS: Federal Information Processing StandardsISM: Information Security MarkingsISO: International Organization for StandardizationJRA: Justice Reference ArchitectureJXDM: Justice XML Data ModelMWG: Metadata Working GroupNIEM: National Information Exchange ModelNIST: National Institute of Standards and Technology
OASIS: Organization for the Advancement of Structured Information StandardsREST: Representational State TransferSAR: Suspicious Activity ReportSOAP: Simple Object Access ProtocolTWPDES: Terrorist Watchlist Person Data Exchange StandardUDDI: Universal Description, Discovery, and IntegrationW3C: World Wide Web ConsortiumXML: Extensible Mark-up Language
Government Standards
Commercial Standards
TerrorismInformation
Domains
ISE Network Security Domains
ReferenceModels
StandardsTypes
DefiningBodies
Core Standards
ISE Functionaland Technical
Standards
Inte
llige
nce
Law
Enf
orce
men
t
Hom
elan
d Se
curit
y
Fore
ign
Affa
irs
Def
ense
SBU Secret/Collateral TS-SCI
Federal Enterprise Architecture
IC EA CC EA DoD EA Agency EAs/JRA
Federal
State, Local, Tribal
Foreign Partners
Private Sector
Tearlines CargoScreening
PeopleScreening
TWPDES SARConveyance
ISE Enterprise ArchitectureISE Operational Concept/Business Processes
DCMICAPCO DoD/ICMWG NIEM
ISOW3C
OASIS
ISOOASIS NIST
Exchange Protocols
ServicesMetadata Data
TechnicalStandards