Countering Insider Threats with Standards-Based Data Architecture

The Office of the Program Manager for the Information Sharing Environment (PM-ISE) is partnering with the Defense Security Service (DSS) to improve information sharing capabilities by developing a data dictionary and standardized data architecture for DSS information technology (IT) systems. DSS strengthens national security at home and abroad through security oversight and education operations. DSS oversees the protection of U.S. and foreign classified information and technologies in the hands of cleared industry under the National Industrial Security Program by providing professional risk management services. As Functional Manager for the Department of Defense (DoD), DSS provides security education, training, certification, and professional development for DoD and for other U.S. Government personnel, contractor employees, and representatives of foreign governments.

Currently, there is no common method to automate sharing of data among internal DSS systems, or with external Federal and industry partner systems.  DSS systems include the National Industrial Security System (NISS), Office of Designated Approving Authority (ODAA) Business Management System (OBMS), Analysis, Research, Case Tracking, and Collaboration (ARCTC), NISP Contract Classification System (NCCS), NISP Central Access and Information Security System (NCAISS), and Defense Insider Threat Management and Analysis Center (DITMAC).

The joint threat and risk initiative seeks to use the National Information Exchange Model (NIEM) and Object Management Group (OMG) threat and risk model to create a data dictionary of standard vocabulary for DSS IT systems. NIEM assists users in adopting a standards-based approach to exchanging data by creating a data dictionary of agreed-upon terms, definitions, relationships, and formats as well as a project management framework to implement a standardized data model approach[1]. OMG threat and risk modeling builds upon NIEM’s approach by taking the standardized data and mapping it to multiple exchange schema so that analytics can be applied using multiple data sources[2].

This approach to standardized data architecture will be used to support insider threat investigations for the DoD, and improve the oversight of classified information in the hands of cleared government contractors and companies. This strategy will also help align information sharing policies with the underlying data structures leading to better application of data tagging and policy-based information sharing standards.

ISE Bloggers's picture
Blog Author: ISE Bloggers, | Oct 25, 2016

Read more posts by ISE Bloggers