Standards: Enabling National SecurityPosted by Dr. David Bray, Former PM-ISE Executive for Innovation, Integration, & Interoperability on Wednesday, October 26, 2011
Interested in data standards? Don't miss the Workshop on Info Sharing and Safeguarding Standards, or WIS3, on December 5th, 2011. Learn more. UPDATE: Follow the live Twitter stream of WIS3 coverage at #WIS3!
A few weeks ago, I had the honor to meet representatives from the Department of Defense (DoD) and the Intelligence Community (IC) to discuss the need for a common framework for information exchanges among agencies. Differing parts of our government use different information exchange frameworks, which include different standards for sharing information. This is a problem, as the news events of the past few weeks clearly illustrate.
It was reported that a foreign power was plotting with Mexican drug cartels to assassinate a diplomat of another foreign power on U.S. soil. That situation involves law enforcement, homeland security, defense, intelligence, and diplomacy — the five communities that constitute the ISE. The Congress, with the passage of IRTPA in 2004, understood the interdisciplinary nature of the present and future threats our nation would face, and outlined requirements for the ISE to enable information sharing across these five communities. The Congress asked the ISE to do this via a decentralized, distributed approach, with existing systems, and without the need to centralize information.
When addressing the DoD and the IC, I highlighted these news headlines to emphasize that the challenges our nation faces are not limited to a single department. Our future success at mitigating these threats, as well as capitalizing on potential, positive opportunities, requires departments and agencies at all levels of government to responsibly share information across organizational boundaries. This requires common information exchange standards, so we can "speak" a common language across information systems in government.
Responsible information sharing also requires a common identity management and access control across government, so we can identify specific individuals using information systems and monitor their access patterns. We need to do this to ensure that government workers are sharing and safeguarding information responsibly, such that privacy, civil liberties, and classified information — which if leaked may put people's lives in danger.
In the end, we need to consistently reuse standards — both information exchange and identity management — across the whole-of-government. Ultimately we'll also want approaches that allow us to correlate data in near real-time from different agencies without the need to centralize the information, as well as automate policy-based decisions to enable faster access to information based on an individual's identity, purpose, and the state of national alert. Together, our nation's ability to mitigate threats and capitalize on positive opportunities depends on it.