Many state law enforcement agencies do not offer a single sign-on, or Simplified Sign-On, for the many different law enforcement systems and databases their employees need. This makes using them cumbersome and often doubles, triples, or even quadruples investigators’ work. Fixing this, with what is often referred to as a federated identity model, can require costly IT investment and difficult legal and policy hurdles. Two state law enforcement organizations, Oregon State Information Network (OSIN) and the South Dakota Division of Criminal Investigation (SD DCI), solved this issue with minimal costs.
By working with the Regional Information Sharing Systems™ (RISS), Oregon and South Dakota developed a federated identity capability under a grant from the Program Manager for the Information Sharing Environment’s (PM-ISE) implementation funding initiative. PM-ISE awarded the funding to RISS to advance justice-related information sharing by increasing the number of justice-related agencies who participate in the National Information Exchange Federation (NIEF), an organization of state and local law enforcement and government agencies dedicated to information sharing.
Access with GFIPM and NIEF
NIEF was created in 2008 as an outgrowth of the Global Federated Identity and Privilege Management (GFIPM) program, which seeks to develop secure, scalable, and cost-effective technologies for law enforcement and criminal justice information sharing based on federated identity and privilege management.
Oregon and South Dakota users will also be able to access resources from all active NIEF partners. Currently, this includes:
- Criminal Information Sharing Alliance Network (CISAnet), which supports criminal and investigative information sharing among the states of Alabama, Arizona, California, Georgia, Idaho, Louisiana, Mississippi, New Mexico, Oklahoma and Texas, the El Paso Intelligence Center, and the six Regional Information Sharing Systems.
- Los Angeles County Sheriff’s Department
- RISS, which offers:
- RISS Automated Trusted Information Exchange (ATIX™) Website
- Automated Trusted Information Exchange (ATIX) Bulletin Board
- RISSNET TechPage, which provides system status, announcements, technology news, technical support contact information, and other resources that are of interest to users of RISSNET.
- Intelink-U, which provides information sharing and collaboration capabilities to the intelligence community at the controlled unclassified information (CUI) level, including web-based content search, email, chat, instant messaging, forums, wikis, and blogs.
Additionally, NIEF’s partners can restrict access privileges at the resource level, which means that RISS also provides specific accesses to the following databases to sworn law enforcement users or those acting on behalf of sworn law enforcement officers:
- Cold Case Locator System, which is designed to help users quickly locate and connect unsolved homicides based on victims’ location, age, sex, and approximate date of death.
- National Criminal Intelligence Resource Center (NCIRC) – Law Enforcement Sensitive site
- National Motor Vehicle Title Information System (NMVTIS) Law Enforcement Access Tool
- RISS National Gang Program (RISSGang) Website
- RISS Officer Safety Website
Finally, the following organizations and systems are currently working to make some resources available via NIEF:
- FBI Criminal Justice Information System (CJIS) Law Enforcement Online (LEO) Enterprise Portal, which provides access using single sign-on technology to resources beneficial to the law enforcement, intelligence, and criminal justice communities
- Department of Homeland Security’s Information Network (HSIN) portal, and
- Pennsylvania Justice Network (JNET)
Getting Oregon and South Dakota Up and Running
For this project, RISS will provide Oregon and South Dakota training in federated identity and how to implement a federated identity capability based on Global Federated Identity and Privilege Management (GFIPM). RISS will also assist staff in establishing and testing the technical environment needed to participate fully in the federation. To date, Oregon and South Dakota’s technical staffs have received training in the concepts of identity federations, as implemented within the NIEF framework, and in the coding required to create their individual SP functionality.
We look forward to continuing to improve law enforcement’s secure access to the information they need by working with the PM-ISE and its information sharing mission partners. Let us know what you think in the comments below and for more information, contact the RISS Office of the Chief Information Officer at 610-738-8810.