Program Manager, Information Sharing Environment

UNCLASSIFIED

UNCLASSIFIED

ISE Enterprise Architecture and Common Standards Program

UNCLASSIFIED

04/19/23 UNCLASSIFIED 2

IRTPA Section 1016: Creating the ISE

President George W. Bush on signingthe Intelligence Reform and Terrorist Prevention Act

17 December 2004

Section 1016, as amended*:

“The President shall –

(A) create an information sharing environment for the sharing of terrorism information in a manner consistent with national security and with applicable legal standards relating to privacy and civil liberties;

(B) designate the organizational and management structures that will be used to operate and manage the ISE; and

(C) determine and enforce the policies, directives, and rules that will govern the content and usage of the ISE.”

* The Implementing Recommendations of the 9/11 Commission Act of 2007, enacted in August of this year, included amendments to section 1016. The new law expands the scope of the ISE to explicitly include homeland security and terrorism-related weapons of mass destruction information.

UNCLASSIFIED

04/19/23 UNCLASSIFIED 3

National Strategy for Information Sharing

• National Strategy for Information Sharing: Success and Challenges in Improving Terrorism-Related Information Sharing issued on October 31, 2007 by President Bush

• Prioritizes and unifies the Nation’s efforts to advance the sharing of terrorism-related information

UNCLASSIFIED

04/19/23 UNCLASSIFIED 4

Elements of National Strategy for Information Sharing

• Providing a framework for enhanced information sharing among Federal, State, local, and tribal officials, the private sector, and foreign partners

• Describing the Federal Government's approach to support State and major urban area fusion centers

• Protecting the legal rights of Americans especially in the area of privacy and civil liberties

The Strategy will help ensure those responsible for combating terrorism and protecting our local communities have access to the timely and accurate information they need by:

UNCLASSIFIED

ISE Implementation Plan• Responds to 11 specific IRTPA

requirements• DNI sent to Congress - Nov06• Described the vision and strategic

goals for the future ISE• Laid out two-phase implementation

approach– Phase 1: Nov 2006 – June 2007– Phase 2: July 2007 – June 2009

• Incorporated responses to Presidential Information Sharing Guidelines

• Defines ISE Enterprise Architecture Framework and common standards (chapter 6)www.ise.gov

UNCLASSIFIED

04/19/23 UNCLASSIFIED 6

Who is the ISE?• Multiple Communities of Interest• Multiple User Types• Multiple Governmental and Non-governmental Entities

IntelLaw

Enforcement

ForeignAffairs

Homeland Security

Defense

OperatorsOperators

Command & ControlCommand & Control

AnalystsAnalysts

InvestigatorsInvestigators

CollectorsCollectors

RespondersResponders

Federal

State, Local, Tribal

Foreign Partners

Private Sector

Terrorism Info(Terrorism, Homeland

Security, and WMD and Law Enforcement as it relates to Terrorism)

UNCLASSIFIED

04/19/23 UNCLASSIFIED 7

Why ISE Architecture and Common Standards Program?

• The Problem– Need to weave together cross-agency, cross domain, national security

and civil processes and systems to support the requirements of the ISE– Factors in responding to the problem

• National security and homeland security processes and resources• Controlled Unclassified Information (CUI)• Privacy and civil liberties protections• Domestic intelligence - foreign intelligence• Seamless Federal, state, local, and tribal integration• Investment Strategies (consistent with governmental guidelines)

– Acknowledgment this is a new, undefined area for government

• Federal law and Presidential direction– IRTPA (December 2004)– Presidential Guidelines (December 16, 2005 Presidential Memo)– National Strategy for Information Sharing (October 2007)

UNCLASSIFIED

04/19/23 UNCLASSIFIED 8

ISE Enterprise Architecture Framework, Version 1.0

• Purpose– Provide a terrorism information

sharing dimension across civil and national security enterprise architectures

– Meet IRTPA direction to “plan for” the ISE using technology

– Aid ISE participants with integration and connection guidance to the ISE

UNCLASSIFIED

ISE EAF – Architect’s & Implementer’s ViewsFEA Reference Models

ISEEnterprise

ArchitectureFramework

FEA Business Ref Model

Business Partition

Data Partition

Application & Service Partition

TechnicalPartition

ISE EAF -Architect’s

View

ISE EAF –Implementer’s

View

FEA Business Ref Model

FEA Performance

Ref Model

FEA Data

Ref Model

FEA Service Component Ref Model

FEA Technical Ref Model

Policy & Governance

Information Assurance (IA)

Core Services

Portal Services

ISE Core

Core Transport

Agency/Center …

Fusion Center X

Applications

Agency Transport

Shared Data Assets

Agency A

Shared Services

FEA Reference Models

ISEEnterprise

ArchitectureFramework

FEA Business Ref Model

Business Partition

Data Partition

Application & Service Partition

TechnicalPartition

ISE EAF -Architect’s

View

ISE EAF –Implementer’s

View

FEA Business Ref Model

FEA Performance

Ref Model

FEA Data

Ref Model

FEA Service Component Ref Model

FEA Technical Ref Model

Policy & Governance

Information Assurance (IA)

Core Services

Portal Services

ISE Core

Core Transport

Agency/Center …

Fusion Center X

Applications

Agency Transport

Shared Data Assets

Agency A

Shared Services

UNCLASSIFIED

Impact of an EAF for the ISE

Impacts across three disciplines:

1. Business Processes

2. Policy

3. Technology

ISE EAF will enable the ISE by:

1. Translating ISE business process needs into a cohesive and aligned investment strategy

2. Identifying policy areas

3. Provide a program management tool for building the ISE (oversee implementation of ISE)

ISE EAF Aligned with the FEA• Priorities aligned with strategic plans

and executive level direction.

• Proactive and collaborative across the Federal government

• Architecture development is an integral part of the capital investment process. No investment should be made without a business-driven architecture.

Participant A

Participant B

Users

Users

Applications

Applications

Databases

Databases

Information Sharing Environment

ISE Space

ISE Space

Core ServicesDiscoveryIA SecurityMediationMessagingEnterprise

ManagementCollaboration

User AssistanceStorage

Application

ISE PortalService RegistrationISE Documentation

ISE StatusService DiscoveryUser Assistance

Search ToolsPortal HostingAdmin Alerts

UNCLASSIFIED

04/19/23 UNCLASSIFIED 1104/19/23 UNCLASSIFIED 11

ISE EAF: Application and Services

ISE Shared Space:

• Common Terrorism Information Sharing Standards.

• Common IA model.

UNCLASSIFIED

04/19/23 UNCLASSIFIED 12

FEA-ISE Profile, Version 1.0• Purpose

– A companion document to the ISE EAF, Version 1.0 (released 30 Aug ‘07)

– Describes how agencies use existing resources, standards, best practices and use cases to implement ISE attributes and connect to the ISE

– Communicated compliance through OMB’s Federal Transition Framework Catalog

– Current OMB Profiles• Security and Privacy• Geospatial• Records Management

UNCLASSIFIED

04/19/23 UNCLASSIFIED 13

Using the ISE EAF and FEA-ISE Profile

FEA-ISE Profile

ISE Core Component

Specs

Department/Agency X

System X

System I

ISE Core

Dept/ Agency X

EA

System X Architecture

ISE Enterprise

ArchitectureFramework

System I Architecture

FTFCatalog

Policy & Governance

Information Assurance (IA)

ISE EAF – Implementer’s View

Core Services

Portal Services

ISE Core

Core Transport

Agency/Center …

Fusion Center X

Applications

Agency Transport

Shared Data Assets

Agency A

Shared Services

Policy & Governance

Information Assurance (IA)

ISE EAF – Implementer’s View

Core Services

Portal Services

ISE Core

Core Transport

Core Services

Portal Services

ISE Core

Core Transport

Agency/Center …Agency/Center …

Fusion Center XFusion Center X

Applications

Agency Transport

Shared Data Assets

Agency A

Shared Services

Applications

Agency Transport

Shared Data Assets

Agency A

Shared Services

• ISE Business Processes

• ISE Performance Metrics

• EAF: Enterprise Architecture Framework• FEA: Federal Enterprise Architecture• FTF: Federal Transition Framework

Agency Capital Planning &Investment Control (CPIC)

Process >> Exhibits 53 & 300

Version 1.0 (December 2006)

UNCLASSIFIED

04/19/23 UNCLASSIFIED 14

ISE Standards Objective

“The ISE must, to the extent possible, be supported by common standards that maximize the acquisition, access, retention, production, use, management, and sharing of terrorism information within the ISE consistent with the protection of intelligence, law enforcement, protective, and military sources, methods, and activities.”

President’s Memorandum for the Headsof Executive Departments and AgenciesDecember 16, 2005

UNCLASSIFIED

04/19/23 UNCLASSIFIED 15

Taxonomy of the CTISS

STANDARDSDomestic and International

CTISSIn accordance with IRTPA and Guideline 1,

Common Standards for the ISE

Functional Standards (FS)FS issuances under theISE Issuance System

Technical StandardsGuidance (G) issuances under the

ISE Issuance System

Information ExchangesInformation Exchange Package Documentation, etc.

Voluntary Consensus Standards

Government-uniqueStandards

OtherStandards

Functional standards: Rules, conditions, guidelines, and characteristics of data, mission products, and detailed operational activity supporting ISE business process areas. Technical standards: Specific technical methodologies and practices to design and implement information sharing capability into ISE systems.

CTISS ProgramIssuance

UNCLASSIFIED

04/19/23 UNCLASSIFIED 16

Common Terrorism Information Sharing Standards

• Better terrorism-related information sharing through standard formats, rules and conditions

• Relationships established with the National Information Exchange Model and DOD/IC U-Core to assist in developing and harmonizing standards across the ISE

ISM CAPCO NIEM/Global JXDM

XMLSOAPREST

UDDIISO 9000

ISO 17799

DublinCore

FIPSDDMS

CAPCO: Controlled Access Program Coordination OfficeDCMI: Dublin Core Metadata InitiativeDDMS: DoD Discovery Metadata SpecificationFIPS: Federal Information Processing StandardsISM: Information Security MarkingsISO: International Organization for StandardizationJRA: Justice Reference ArchitectureJXDM: Justice XML Data ModelMWG: Metadata Working GroupNIEM: National Information Exchange ModelNIST: National Institute of Standards and Technology

OASIS: Organization for the Advancement of Structured Information StandardsREST: Representational State TransferSAR: Suspicious Activity ReportSOAP: Simple Object Access ProtocolTWPDES: Terrorist Watchlist Person Data Exchange StandardUDDI: Universal Description, Discovery, and IntegrationW3C: World Wide Web ConsortiumXML: Extensible Mark-up Language

Government Standards

Commercial Standards

TerrorismInformation

Domains

ISE Network Security Domains

ReferenceModels

StandardsTypes

DefiningBodies

Core Standards

ISE Functionaland Technical

Standards

Inte

llige

nce

Law

Enf

orce

men

t

Hom

elan

d Se

curit

y

Fore

ign

Affa

irs

Def

ense

SBU Secret/Collateral TS-SCI

Federal Enterprise Architecture

IC EA CC EA DoD EA Agency EAs/JRA

Federal

State, Local, Tribal

Foreign Partners

Private Sector

Tearlines CargoScreening

PeopleScreening

TWPDES SARConveyance

ISE Enterprise ArchitectureISE Operational Concept/Business Processes

DCMICAPCO DoD/ICMWG NIEM

ISOW3C

OASIS

ISOOASIS NIST

Exchange Protocols

ServicesMetadata Data

TechnicalStandards

UNCLASSIFIED

QUESTIONS?

Ken ClarkOffice of the PM-ISE

202-331-4071kennenc0@dni.gov