The ISE Enterprise Architecture Framework (ISE EAF) provides a strategic roadmap for:
- long-term business and technology standardization
- information systems planning
- integration into the ISE
The CTISS Framework provides a mapping and programmatic structure that identifies standards types, standards defining bodies, and core standards for use across the ISE community.
What does it mean to interface with the ISE?
By interfacing with the ISE, an agency gains access to the tools necessary to facilitate more effective information sharing, both within its own organization and with partner agencies. An ISE foundational tool, the ISE Enterprise Architecture Framework (EAF), provides strategic architectural guidance for agencies needing to develop or modify existing information exchange architectures.
What roles are within the ISE?
There are two ISE membership roles:
• An ISE Participant is an individual who belongs to a federal, state, local, or tribal government organization.
• An ISE Implementation Agent is an organization that provides infrastructure and services to an ISE integrated identity and access management process.
How do I go about aligning to the ISE Enterprise Architecture Framework from an agency perspective?
Agencies align themselves to the ISE EAF by adjusting their respective Segment Enterprise Architectures to the ISE Core mission processes, which consist of:
• Requirements & Roles
• Alerts & Warnings
• Suspicious Activity Report
• Identification & Screening
• Policy & Decision Making
Developing Info-Sharing Capability
What is an ISE shared space and what is required to develop one?
The ISE Shared Spaces are networked data and information repositories that make standardized terrorism-related information, applications, and services accessible to all ISE participants. They are available in each of the three ISE Security Domains (CUI/SBU, Secret/Collateral, and Top Secret/SCI). Developing an ISE Shared Space requires the ability to:
• accept properly formatted inputs from authorized databases via an automated transfer process
• authorize users via the ISE Core before allowing queries to an ISE Shared Space
• accept federated queries from other ISE Shared Spaces
• allow authorized users to submit a federated query requesting selected records
What is required for National Security Implementation Framework compliance?
Compliance requires "uniformity and consistency in the application of security standards for state, local, tribal, and private sector entities (SLTPS) with whom classified information is shared and in the processes and standards for providing access to and safeguarding such information when shared with SLTPS entities." Classified National Security Information Program for state, local, tribal and private sector entities Implementing Directive February 2012.
Data Exchange Toolkit
Overview
The Data Exchange Toolkit provides the tools necessary for launching a successful data exchange improvement initiative:
• Phase 1: Define Scope and Identify Candidates
• Phase 2: Assess and Identify Solutions
• Phase 3: Plan and Implement Solutions
• Phase 4: Evaluate the Improvement
The toolkit helps data producers create, extract, and deliver data more quickly, while also improving its quality, consistency, timeliness, and availability. The complete toolkit is available for download here. Please help us improve the toolkit by sharing your feedback and lessons learned.
Define Scope & Success Criteria
Phase 1: Define Scope and Identify Candidates
A successful data exchange improvement initiative begins with:
- a well-defined project scope
- clearly articulated success criteria (see Project Charter)
- buy-in from identified partners
In the early stages, it is crucial to ensure that all partners are fully informed and committed to successfully completing the project. If you are seeking partners, you will use this stage to identify, evaluate, and recruit candidates.
Interview and Evaluate Candidates
If you are seeking partners, you will use this stage to identify, evaluate, and recruit candidates. The Exchange Evaluation Criteria questionnaire will assist you to evaluate the current state of the candidate’s systems and gauge the candidate’s level of support for the initiative. This information is vital to determining if candidates should participate in a data exchange improvement initiative.
This questionnaire scores candidates based on top criteria for a successful improvement initiative. The following questions evaluate the exchange’s current state.
Next, select exchange candidates based on the above criteria. This phase is useful for complex, multi-agency initiatives that require you to identify partners with the highest potential for success. The Exchange Evaluation Analysis will assist you to rank the agencies and justify your selections.
Our pilot team found that decisions can be controversial, so a clear rationale was helpful. Additionally, this step ensured that our initiative had the sponsorship and resources necessary to improve the exchanges.
A scoring system that allows you to rank exchange candidates based on their scores in the following areas:
Welcome the newly selected data exchange participants. Consider using the Resource Commitment Memorandum to communicate your expectations and to request that each participant confirm his or her commitment to the data exchange.
Sample memo that welcomes data exchange participants to an improvement initiative, explains expectations and resource requirements, and asks participants to confirm their commitment
Phase 2: Identify Issues and Solutions
In this phase, have your partners complete an exchange assessment. Organize the issues identified in the assessment and discuss possible solutions with your partners. Our pilot team used the following steps to accomplish these tasks:
- Assess the Current Exchange
- Identify Issues
- Meet and Discuss Solutions
Once you have identified the participating exchanges, you must assess the current performance of each exchange. The Exchange Assessment Survey is an interview questionnaire that helps you compare the current baseline of the exchanges to your improvements.
The questions in this survey measure the processes of producing, transporting, and consuming a data set. They are sample questions, so you may need to edit them to fit your needs.
Your partners may not have detailed measurements of each of the processes, but should be asked to provide estimates. Finally, the survey includes open-ended questions to gather comments and general feedback.
This survey documents the best and worst case performance for the steps in each data exchange, as well as general feedback.
Use the information gathered from your partners in the Exchange Evaluation Criteria, the Exchange Evaluation Analysis, and the Exchange Assessment Survey to develop a list of issues. The Issue Assessment Table will assist you to organize and prioritize that list. Issues affecting the quality, consistency, and timeliness of the exchange should be documented.
It is not necessary to complete every column in the table at this time. You will have the opportunity to discuss these items with your partners in the next step.
This table organizes the issues you have identified and necessary details about the issues, such as the points of contact, needed resources, and dependencies.
When improving or developing new data exchanges, communication is essential. Once you have organized your list of issues in the Issues Assessment Table, host a meeting with the business and technical representatives from each participating organization to discuss possible solutions, and then complete the table.
As noted above, our pilot team resolved many data exchange issues by making them conformant with the National Information Exchange Model (NIEM). NIEM adoption provides a standard framework for exchanging information that improves the quality and consistency of exchanged data. NIEM provides a process for documenting changes to the structure of information exchanges, providing both the data producers and consumers with a flexible exchange standard that allows the data to respond to business needs. NIEM adoption and Information Exchange Package Documentation (IEPD) also facilitate the creation of new information exchanges around existing data sets.
Our pilot team found that consistent communication with technical and business representatives allowed us to quickly and effectively identify issues and share solutions.
After you've identified and discussed the issues, prioritize the list. Our pilot team captured multiple issues and solutions in the discussion that were outside of the practical scope of their project. To resolve this, they consolidated and aligned similar issues and solutions in a second meeting.
Phase 3: Plan and Implement Solutions
In this phase, plan and implement your solutions. Our pilot team implemented NIEM standardizations to solve multiple issues, with the help of the tools and templates in the following steps:
- Plan Solutions
- Implement Solutions
After you have consolidated and aligned similar challenges and solutions, you should create a project plan to implement the solutions. The Solution Task Plan is an outline of a project plan. In addition, you should establish a Data Use Agreement to document how the data will be protected, used, and removed, and to establish who is permitted to view and use the data.
This template is designed to:
This document will assist you to establish rules and guidelines for protecting and using data. We developed this template specifically to access exchange data necessary to build the translation scripts that convert exchanged data to NIEM-conformant XML.
In this step, you begin implementing your solutions. For solutions that require NIEM standardizations, our pilot team implemented NIEM-conformant XML for both participating exchanges by developing NIEM IEPDs and creating scripts that transformed the data’s Oracle-based production format to a NIEM-based exchange format. Our pilot team used the following tools to implement NIEM-conformant XML.
Working with IEPDs
NIEM.gov provides instructions for building, saving, sharing, registering, and managing a NIEM IEPD.
The NIEM Tools Catalog available at NIEM.gov includes many of the web-based and stand-alone tools you will need:
This IEPD template was used by our pilot team to build an IEPD. Some steps and files are specific to our pilot and may not be relevant to all users. The NIEM Program Management Office will soon release a standard NIEM IEPD template.
This zip folder includes the relevant files for the IEPD Template (above).
NIEM Model Package Description
This specification is offered by the NIEM PMO to help users understand NIEM basics and how to best use NIEM to meet business needs.
Phase 4: Evaluate the Improvement
Finally, you should evaluate the improved data exchange during the processes of data production, transportation, and ingestion.
- Measure Results
In this final step, you will assess the effectiveness of your improvement initiative by asking your partners to complete the Exchange Assessment Survey from Phase 2. Ideally, they should include metrics from two iterations.
This survey documents the best and worst case performance for the steps in each data exchange, as well as general feedback.
Throughout the Pilot, the team encountered a number of obstacles and learned important lessons about how best to execute future Pilots.
Collaboration and Communication:
- Schedule a recurring meeting for all stakeholders to gain a better understanding of each other’s schedules and the limitations of the exchange.
- Secure executive-level support from all parties. A roundtable with exchange partners is an effective means of gaining executive support.
- Provide clear technical and mission value realized by data producers, consumers, and the community
- Focus on mission engagement
Technical Assessment and Development:
- Develop a clear understanding of the various tools, such as decryption tools, needed based on the data being received, and make sure they are available.
- Construct a clear understanding of the platform environment needed including database version, operating system, etc.
- Validate data requirements with all parties to ensure that data output meets the consumers’ needs.
- Authenticate exchange specifications with the data producer and the consumers
- Create a metrics framework early in the process to capture baseline exchange metrics
- Develop trusting relationships with participants
- Consider the operational/mission requirements of all participants and the impact of proposed changes. The team must ensure that changes do not negatively impact mission performance.
Build in Interoperability
What is interoperability?
The ability of systems, units, or forces to provide data, information, materiel, and services to and accept the same from other systems, units, or forces and to use the data, information, materiel, and services so exchanged to enable them to operate effectively together.
What is information assurance?
Information Assurance is the mechanism by which information and information systems ensure their availability, integrity, authentication, confidentiality, and non-repudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.
What are the different security domains?
The ISE has three security domains:
- Top Secret/Sensitive Compartmented Information
- Secret/Collateral
- Controlled Unclassified Information/Sensitive But Unclassified
What information assurance standards exist?
The Information Sharing Technical Guidance Technical Standard for Information Assurance document serves as one piece of the initial suite of technical standards under the Common Terrorism Information Sharing Standards (CTISS) program for implementing information technology capabilities in the Information Sharing Environment (ISE) for Information Assurance (IA) services.
Applying Security Practices to Justice Information is a document, produced by the Department of Justice in collaboration with the GLOBAL Justice initiative, that addresses maintaining data integrity as one of 15 identified disciplines that span the important elements of an information security architecture.
What guidance exists to protect access to information?
This document, produced by the Department of Justice in collaboration with the GLOBAL Justice initiative, contains background information, overviews of best practices, and guidelines for secure information sharing. Controlling access to shared information is addressed within the 15 identified disciplines that span the important elements of an information security architecture.
Through this directive, DHS instills "uniformity and consistency in the application of security standards for state, local, tribal and private sector (SLTPS) entities with whom classified information is shared and prescribes the processes and standards for providing access to and safeguarding of such information when shared with SLTPS entities."
Department of Defense MANUAL, NUMBER 5200.01, Volume 3: DoD Information Security Program: Protection of Classified Information February 24, 2012
Through this volume of the DoD Information Security Program Manual, the DoD implements policy, assigns responsibilities, and provides procedures for the designation, marking, protection, and dissemination of classified information.
Department of Defense MANUAL, NUMBER 5200.01, Volume 4: DoD Information Security Program: Controlled Unclassified Information (CUI) February 24, 2012
Through this volume of the DoD Information Security Program Manual, the DoD provides guidance for the identification and protection of Controlled Unclassified Information (CUI).
What is simplified sign-on? How do I achieve it?
Simplified sign-on enables a user to access multiple secure networks and systems without the need for multiple credentials.
What are the ISE core services?
ISE Core Services are the following:
- Enterprise Service Management
What policies or regulations exist that describe what I am allowed to do with your information after receiving it?
- Applying Security Practices to Justice Information — This document, produced by the Department of Justice in collaboration with the GLOBAL Justice initiative, provides guidance on public access, privacy, and confidentiality of Justice data.
- Department of Defense MANUAL, NUMBER 5200.01, Volume 3: DOD Information Security Program: Protection of Classified Information — Through this volume of the DoD Information Security Program Manual, the DoD provides guidance for safeguarding, storage, destruction, transmission, and transportation of classified information.
- Department of Defense MANUAL, NUMBER 5200.01, Volume 4: DoD Information Security Program: Controlled Unclassified Information (CUI) — Through this volume of the DoD Information Security Program Manual, the DoD provides guidance for the identification and protection of Controlled Unclassified Information (CUI).
- DHS: Classified National Security Information Program for State, Local, Tribal and Private Sector Entities Implementing Directive February 2012 — Through this directive, DHS instills "uniformity and consistency in the application of security standards for state, local, tribal and private sector entities (SLTPS) with whom classified information is shared and prescribes the processes and standards for providing access to and safeguarding of such information when shared with SLTPS entities."
What is Controlled Unclassified Information?
Department of Defense Manual, Number 5200.01, Volume 4: DoD Information Security Program: Controlled Unclassified Information (CUI) — Through this volume of the DoD Information Security Program Manual, the DoD provides guidance for the identification and protection of Controlled Unclassified Information (CUI).
What is identity management?
Identity and Access Management is the combination of technical systems, rules, and procedures that define the ownership, utilization, and safeguarding of personal identity information.
Federal Identity Credential and Access Management (FICAM) Maturity Model
The Federal Identity, Credential and Access Management (FICAM) initiative is an effort under the Federal Chief Information Officers (CIO) Council established to promote a consolidated approach for all government-wide identity, credential, and access management activities. A key output of the effort is the FICAM Roadmap and Implementation Guidance, which outlines a government-wide segment architecture for program managers, leadership, and stakeholders and practical guidance for implementing a segment architecture for FICAM management programs. Alignment with the FICAM Roadmap is required per OMB Policy Memorandum M-11-11.
What is authentication and authorization?
Authentication is the process of verifying that a person (or device) requesting access to protected resources is really who they say they are. Authentication is often used as a prerequisite to allowing access to resources in a system. Methods of authentication can include passwords, hardware tokens, software tokens, smart cards, software smart cards, and biometrics devices.
Authorization is determining if an authenticated person has permission to access protected resources and then granting or denying of access rights to a user, program, or process.
Applying Security Practices to Justice Information — This document, produced by the Department of Justice in collaboration with the GLOBAL Justice initiative, addresses authentication and authorization for controlling access to shared information.
What is a technical standard?
Technical standards document methodologies and practices to design and implement information sharing technology capability into systems, thereby enabling Interoperability.
What is a functional standard?
Functional standards set forth rules, conditions, guidelines, and characteristics of data and mission products supporting business processes.
What standards exist? Where do I find them?
- Classified National Security Information Program for State, Local, Tribal and Private Sector Entities Implementing Directive February 2012 — Through this directive, DHS instills "uniformity and consistency in the application of security standards for state, local, tribal and private sector entities (SLTPS) with whom classified information is shared and prescribes the processes and standards for providing access to and safeguarding of such information when shared with SLTPS entities."
- Common Terrorism Information Sharing Standards (CTISS) Program Manual — This manual identifies the two categories of standards under CTISS, functional standards and technical standards, and presents a relational, hierarchical framework for the CTISS that provides defining structure and interfaces necessary for CTISS development and implementation.
- DOD Discovery Metadata Specification (DDMS) — The Department of Defense Discovery Metadata Specification (DoD Discovery Metadata Specification or DDMS) is a Net-Centric Enterprise Services (NCES) metadata initiative. DDMS defines discovery metadata elements for resources posted to community and organizational shared spaces.
- Federal Identity, Credential, and Access Management (FICAM) — Federal Identity, Credential, and Access Management (ICAM) requires a mechanism to assess the identity management standards against applicable federal requirements, policies, and laws.
- Geography Markup Language (GML) — Geography Markup Language (GML) is the XML grammar defined by the Open Geospatial Consortium (OGC) to express geographical features. GML serves as a modeling language for geographic systems as well as an open interchange format for geographic transactions on the Internet.
- Global Federated Identity and Privilege Management (GFIPM) framework provides the justice community and partner organizations with a standards-based approach for implementing federated identity.
- Global Reference Architecture (GRA) is an information sharing architecture that uses a service oriented architecture approach in order to meet the needs of government at all levels and fulfill the need for improved collaboration across communities.
- ISE-AM-300: Common Terrorism Information Sharing Standards (CTISS) Program (rescinded December 2014) — The CTISS Program identifies relevant standards categories, standards defining bodies, and core standards for developing business process-driven functional standards and technical standards. These standards are necessary to establish an integrated, nationwide enterprise of information sharing organizations and resources.
- ISE-FS-200: Suspicious Activity Reporting (SAR) provides an official documentation of observed behavior that may be indicative of intelligence gathering or pre-operational planning related to terrorism, or criminal or other illicit intentions that have been determined, pursuant to a two-part process, to have a potential terrorism nexus.
- ISE-G-106: Technical Standards - Information Assurance — Information security and assurance within the ISE requires consistent policies and standards, effective governance, a common risk management framework, trustworthiness of information systems, and appropriate training.
- ISE-G-108: Identity and Access Management Framework for the ISE — The ISE Identity and Access Management Framework is an identity management federation concept that provides ISE participants the opportunity to contribute to the collection, development, and implementation of the policies, standards, and operational principles on which this Framework is developed. This Framework requires a commitment from each ISE participant to abide by the established technical and functional standards, policies, business rules, and agreements acknowledged, developed, and implemented for the ISE IDAM Federation.
- ISE-G-107: Technical Standards - Core Transport — The Core standards represent a universal set of broad, functional standards and technical standards to be leveraged from these defining bodies and tailored across the ISE community to guide agency processes and investments supporting terrorism information sharing.
- ISE-G-110: ISE Profile and Architecture Implementation Strategy (PAIS) — The ISE Profile and Architecture Implementation Strategy is a guide for ISE participants that describes what each should do to connect to the ISE, expose data to the ISE, build their ISE Shared Space, and access data and services provided by the ISE.
- National Information Exchange Model (NIEM) enables organizations to “speak the same language” so they can share information. NIEM is a consistent starting point—which includes a data model, governance, training, tools, technical support services, and an active community—that assists users in adopting a standards-based approach to exchanging data.
- National Information Sharing Standards Help Desk — The DoJ established the National Information Sharing Standards Help Desk, which includes a knowledgebase and live technical support. This new interactive resource provides an enhanced level of help to individuals and agencies implementing the Global Justice XML Data Model (GJXDM) and the National Information Exchange Model (NIEM).
- Representational State Transfer (REST) is a style of software architecture. It prescribes the use of standards for resource representation and for resource types; it has applicability to systems on the World Wide Web and networks, and is also associated with capability for accessing website information using XML-based files that describe the site content.
- Simple Object Access Protocol (SOAP) is an XML-based protocol standard used between messaging systems. It provides a framework for particular message content, ways to process messages, encoding rules, and conventions for remote procedure message calls and responses.
- Universal Core (UCORE) is a federal information sharing initiative that supports the NSIS and associated agency strategies. UCORE enables information sharing by defining an implementable specification (XML Schema) containing agreed-upon representations for the most commonly shared and universally understood concepts of who, what, when, and where in the context of national security.
- Universal Description, Discovery, and Integration (UDDI) provides the protocols necessary for implementing an information search capability on the Internet using distributed operator sites as servicing entities. UDDI provides a standardized capability for locating, identifying, and transposing network-based software into services applicable for agency service-based architectures.
What Standards Development Organizations address information sharing and safeguarding?
- As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.
- The Dublin Core Metadata Initiative (DCMI) is an open international organization supporting innovation in metadata design and best practices across the metadata ecology.
- InterNational Committee for Information Technology Standards (INCITS) is the primary U.S. focus of standardization in the field of Information and Communications Technologies (ICT), encompassing storage, processing, transfer, display, management, organization, and retrieval of information. INCITS is the forum of choice for information technology developers, producers and users for the creation and maintenance of formal de jure IT standards. INCITS is accredited by, and operates under rules approved by, the American National Standards Institute (ANSI).
- International Standards Organization (ISO) is a non-governmental organization of national standards institutes from 156 countries on the basis of one member per country. ISO standards describe state-of-the-art products, services, materials, and systems. The ISO identifies the international standards required for business, government, and society; develops them in partnership with the sectors that will implement them; and adopts these standards by transparent procedures based on national input.
- Internet Engineering Task Force (IETF) develops and promotes Internet standards, cooperating closely with the W3C and ISO/IEC standards bodies and dealing in particular with standards of the TCP/IP and Internet protocol suite. It is an open standards organization with no formal membership or membership requirements.
- National Information Standards Organization (NISO), a non-profit association accredited by the American National Standards Institute (ANSI), identifies, develops, maintains, and publishes technical standards to manage information in our changing and ever-more digital environment. NISO standards apply both traditional and new technologies to the full range of information-related needs, including retrieval, re-purposing, storage, metadata, and preservation.
- National Institute of Standards and Technology (NIST) Standards Coordination Office (SCO) — NIST is the federal technology agency that works with industry to develop and apply technology, measurements, and standards. The SCO works with the NIST laboratories to identify opportunities for NIST participation in standards-related activities, coordinate with the private sector and with other federal agencies on standards activities and programs and monitor standards development and conformity assessment activities globally.
- Object Management Group (OMG) is a worldwide not-for-profit computer industry consortium and develops enterprise integration standards that provide real-world value. OMG brings together end-users, government agencies, universities and research institutions in communities of practice to share experiences related to new management and technology approaches.
- The Open Geospatial Consortium (OGC) is an international industry consortium of 439 companies, government agencies, and universities participating in a consensus process to develop publicly available interface standards. OGC Standards support interoperable solutions that "geo-enable" the Web, wireless and location-based services and mainstream IT.
- Organization for the Advancement of Structured Information Standards (OASIS) is a not-for-profit consortium that drives the development, convergence, and adoption of open standards for the global information society.
- The World Wide Web Consortium (W3C) is an international community that develops open standards to ensure the long-term growth of the Web.
- XML.org advances the use of open standards by providing educational information, discussion areas, and collaborative resources.
Where can I find standards posted?
- Standards.Gov — Standards.gov offers background materials and useful links for locating information about the use of standards in government. The primary focus is on federal agency use of standards for regulatory purposes. This website is maintained by the National Institute of Standards and Technology.
- The Cover Pages — The Cover Pages is a comprehensive, online reference collection supporting the XML family of markup language standards, XML vocabularies, and related structured information standards. Edited by Robin Cover since 1986, this public access knowledgebase promotes and enables the use of open, interoperable, standards-based solutions that protect digital information and enhance the quality of data processing.
- Justice Information Sharing IEPD Clearinghouse — The Information Exchange Package Documentation (IEPD) Clearinghouse provides information on a variety of IEPDs that have been submitted by individuals and organizations who have implemented the Global Justice XML Data Model (GJXDM) and the National Information Exchange Model (NIEM).