Dennis E. Wisnosky, DoD BMA CTO & Chief Architect in the Office of the Deputy Chief Management Officer “Towards Seamless Interoperability and Trust” May 25, 2010

Page 1

Dennis E. Wisnosky, DoD BMA CTO & Chief Architect in the Office of the Deputy Chief Management Officer

“Towards Seamless Interoperability and Trust”

May 25, 2010

Page 2

5/25/10 DWiz DoD DCMO BMA CTO & CA 1

DCMO CTO/CA

Intel Mission Area

Enterprise Information Environment Mission Area

Business Mission Area

Warfighter Mission Area

Dennis E. Wisnosky, DoD BMA CTO & Chief Architect in the Office of the Deputy Chief Management Officer (DCMO)

Missions of the DoD

The Business Operating Environment (BOE)

Reach of the BMA

Page 3

The Business Operating Environment

“The Secretary of Defense is responsible for a half-trillion dollar enterprise that is roughly an order of magnitude larger than any commercial corporation that has ever existed. DoD estimates that business support activities—the Defense Agencies and the business support operations within the Military Departments—comprise 53% of the DoD enterprise.”

Reach of the Business Mission Area

Page 4

Strategic Management Plan: Business Priorities / Outcomes / Goals / Measures / Key Initiatives

Business Enterprise Architecture: Activities, Processes, Data Standards, Information Exchanges, Business Rules, System Functions, System Data Exchanges, Terms, and Linkages to Laws, Regulations, and Policies

Continuous Process Improvement / Lean Six Sigma

PSA Strategic Alignment

Enterprise Transition Plan: Roadmap for the Business Systems and Services Needed for BEA Implementation

Quadrennial Defense Review (QDR)

IRB Tactical Planning

Continuous Performance Measure and Reporting against Process, Systems/Services and Initiatives

Informs

Process Systems/Services Initiatives

Component Execution

Making the Connections!

Page 5

Roadmap for DoD Business Operations Transformation

By Roadmap

By Policy!

Page 6

Symantec has signed a definitive agreement to acquire VeriSign’s security business, which includes the Secure Sockets Layer (SSL) Certificate Services, the Public Key Infrastructure (PKI) Services, the VeriSign Trust Services and the VeriSign Identity Protection (VIP) Authentication Service.

“With the combined products and reach from Symantec and VeriSign, we are poised to drive adoption of identity security as the means to provide simple and secure access to anything from anywhere, to prevent identity fraud and to make online experiences more user-friendly and hassle-free.”

Breaking News

BMA Interoperability Policy Goals

Page 7

Interoperability Policy Goals

Objective: De-conflict redundant capabilities and informational silos

1. Policy to Establish functional interoperability through informational interoperability
  • Identify redundant capabilities using common vocabulary
  • Create understandable business processes using standardized representation (Primitives)
  • Create consistent and reusable vocabularies using CARP*

2. Policy to Limit the creation of new data services to only those cases when they cannot be created from existing information exchanges

3. Policy to Remove the need for custom interfaces by creating implicit interoperability
  • Make information understandable using information models
  • Create standardized and reusable methods for accessing data
  • Create physical instantiation of the common vocabulary

*Reference DoDAF 2.0 Journal Best Practices, Architecture Methodology

Page 8

Policy Deployment Strategy (diagram labels)

Kill Redundant Sources Memo x3

DoDI 8321

BECCM COI

Other

Ensuring Performance of Biz Ops

DoDI 5323

DCMO Charter DoDD 5105.82

Enterprise Interoperability

Organization

BI Program Management Office

Reviews, Criteria, Metrics, SMP Support

Responsibilities, Roles, Functions, CPM Roles, Authorities

Scoping Memos (X1 a-n): HRM CBM x1.a, FM CBM x1.b, WSLM CBM x1.c, RPILM CBM x1.d, MS&SM CBM x1.e

Extracting BI from Apps

Semantic Data, Semantic Stds., Thin Client Support, Info Security-DDRS, Cloud Computing

Interoperability for Architecture

Common Vocab. for Info Exchange, Primitives for Workflow, CARP for Building Architectures

Interoperability of Info

Memo x2

Limit New Redundant Data Sources Memo x4

Use Authoritative Sources, Virtualize Services, Make All Data Available as Services

Governance of Interoperability

Methods

All in!

Page 9

Joint Policy Approach

DoD Business Operations

DCIO

(Synchronization & Oversight)

DBSMC

PSAs, MilDeps, etc

CIO Executive Board

IASL EGB

1. Draft Policy for Review

DCMO

MilDep CMOs and 4th Estate

Legend

Direct Reporting

Coordination

2. Align, Review with DCIO

3. SD106 Coordination

3. SD106 Coordination

3. SD106 Coordination

Now Some Details!

Page 10

Where We Are Heading!

The BOE Vision – Version 3.0

Page 11

HRM/ Med FM

Logistics RPILM WSLM/ MSSM

Strategy and Roadmap for DoD Business Operations Transformation

Performance Measures

Semantic Information

CV & Primitives

Past (BMA Federation Strategy version 2.4a)

Present (BOE Execution Roadmap)

BEA 3.0

BOE Vision

DCMO/CIO Policies

CIO – DIEA, Segment Archi.

Arch. Fed.

MDR

Federation Implementation Plan

CIO/DISA – Federal Cloud

BEA 8.x

Business Intelligence

(BTI) NCES/CES

BOE Service Enablement

Domains

Execution

DBSAE SOA Imp. Strategy

Future (BMA Architecture Strategy version 3.0)

Initial BOE Experience

DBSMC/IRBs DCMO/DCIO; EGB; BECCM

Version 2.4a

DoD Strategic Mgmt. Plan (SMP)

Common Vocabulary (Ontologies)

RDF OWL other

Enterprise Stds.

Vision & Strategy

Planning & Roadmap

Infrastructure

Governance

Data Integration

Biz. Intelligence

Rules/Workflow

Data Sharing and BI Enablement

Roadmap: Architecture Governance Socialization Services Infrastructure

Security

How Are We Getting There?

Page 12

BEA Strategy : SMP-E2E-BEA


Common Vocabulary is necessary!

Page 13

Common Vocabulary

Technical / Systems

Functional / Requirements

Building the Vocabulary

Using the Vocabulary

• Governance
  • Identify Conflicts
  • Resolve Conflicts
  • Review Vocabulary
  • Approve Vocabulary

• Alignment
  • Unify Format
  • Parse Input
  • Cleanse Vocabulary
  • Match Terms
  • Publish Results

• Architecture
  • C.A.R.P. / AV-2 Template
  • Match Terms
  • Build Models / Primitives
  • Validate Models

• Mediation & Virtualization
  • Routing
  • Content-based Addressing
  • Protocol Adaptation
  • Messaging

mediation pathways

BEA Common Business Vocabulary

Common Vocabulary RDF Store

Common Semantics

Legacy Systems Mediation Virtualization

common vocabulary

common vocabulary

CARP ensures Common Vocabulary use

Page 14

Building Common Vocabularies

Define Capabilities

What is the architecture supposed to achieve?

Items:
  • Objectives
  • Features
  • Services

Define Resources

Which data/resources will be consumed or produced?

Items:
  • Nouns

Define Activities

Which processes/activities will provide the capabilities?

Items:
  • Verbs

Define Performers

Who/What will be involved?

Items:
  • Roles
  • Systems
  • Actors

Capability Vocabulary

Activity Vocabulary

Resource Vocabulary

Performer Vocabulary

Capability View

Process View

Data & Rule View

Process View

Many moving parts!

Page 15

Task/Mission

CBM COI Extensions

Service/Organization Specific Extensions

Common Core

FM

HRM

MSLLM

WSLM

RPILM

Business Enterprise Common Vocabularies

Metadata COI

Common Core Data Schema

DoD Governance of DoD Core Data, Universal Core

Business Enterprise Common Vocabulary COI, Common Core, DCMO

BTA P&R- CSE

CTO CV Tool Team

FM COI Data Governance

HRM COI Data Governance

WSLM COI Data Governance

MSSLM COI Data Governance

RP&ILM COI Data Governance

Business Enterprise Architecture (BEA)

Well Documented Intentions!

Page 16

Architecture Primitives Series

DoD Architecture Framework Processes Best-Practice

http://cio-nii.defense.gov/sites/dodaf20/journal_exp3.html

OV-6c

The Design Pattern!

Page 17

Patterns & Primitives

PrOntoPriMo

A style guide provides subjective advice that will ensure the design of high quality products

A style guide advises on
– Choice of words
  • Which constructs are appropriate in a given situation
– Choice of grammar
  • How to combine constructs to maximum effect

Provides basic definitions of the architecture model semantics

Provides elementary rules for the connectivity of primitive constructs

Provides foundation building blocks for constructing architecture products

Caveat: A common vocabulary by itself does not guarantee high quality products

Dictionary

Style Guide

Will Industry Care?

Page 18

We are Underway!


Page 19

National Strategy for Identity, Credential, and Access Mgmt

Page 20

Example Problem:

BTA Supplier Portal Integration


Page 21

Portal Solution for P2P - High Level Requirements View

Vendors

Portal

iSupplier DAI

iSupplier DEAMS

SUS GFEBS

SUS Navy ERP

WAWF

Account Creation

Account Management

Routing

Single Sign-on

Creation of Transaction

Data Visibility

Storage of Data

Identity Transfer Data Visibility

Page 22

Supplier Portal: Vision

Continue to maintain common supplier engagement via the WAWF User Interface while allowing suppliers to easily login to ERP portals for creating documents and viewing detailed transactions.

Minimize changes to WAWF user interface and workflow.

Friction-less way of logging in from WAWF to “correct” ERP.

Maximize use of ERP supplier portal capabilities.


Page 23

Supplier Portal: Our Vision

The same login…


Page 24

Supplier Portal: Our Vision

The same single point of visibility for searching and viewing summary…

SEARCHING

SUMMARY

Page 25

Supplier Portal: Our Vision

Web links to “punch in” to the correct ERP supplier portals to create documents and view details…

CREATE

VIEW

Page 26

Benefits

Still maintain single point of entry for suppliers and single point of visibility for documents

Suppliers able to seamlessly log into ERP systems responsible for acceptance and payment

Pre-population of header and line-level detail directly from purchase order significantly enhances accuracy of data submission by supplier

Page 27

WAWF (UI)

Aggregation Engine

ERP Portal, ERP

ERP Portal, ERP

ERP Portal, ERP

ERP Portal, ERP

ERP Portal, ERP

invoice / receipt data

OAuth (Open Authorization) + OpenID

High Level Architecture

Page 28

Stove Pipes Tiered Accountability

Allies

Global Collaboration

Service providers Contractors

In DoD

Agile, Adaptive, Net-Centric

Was / Is / “To Be”

Getting the Word Out

Page 29

Websites for SOA and Business Operating Environment Updates

http://www.bta.mil/products/training/SOA/index.html

http://www.bta.mil/products/bea_7_0/BEA/html_files/soa.html

By Reaching Out

Page 30

Thank you!

Questions? [email protected]

Page 31

OAuth: An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications. http://oauth.net/

OpenID: An open, decentralized standard for authenticating users that can be used for access control, allowing users to log on to different services with the same digital identity where these services trust the authentication body. http://en.wikipedia.org/wiki/OpenID

Page 32

WAWF (UI)

Aggregation Engine

ERP Portal

ERP

Hey, what active DUNS do you have, and for each DUNS what are your open invoices?

User is searching for the list of invoices for DUNS “xyz” that are currently open.

Ooh, this status has changed, go ahead and notify user

User wants more details on invoice, hyperlink to ERP Router

ERP Router

User is redirected to correct page

-or-

if they don’t have an account in ERP

[WAWF CONNECT] Handshake and confirmation of user identity using OAuth 2.0 Standard + OpenID

Create user and session

A Little More Detail

Page 33

High Level Technical “Dance” for a User who does NOT have an account in the ERP system

WAWF.mil

ERP.mil

https://erp.mil/onestoprouter?action=view&number=CFAB001

ERP Router

[WAWF CONNECT]

https://wawf.mil/authorize?type=web_server&client_id=xxx&redirect_uri=https://erp.mil/callback&scope=openid

An ERP would like to leverage your WAWF login? OK / NO

https://erp.mil/callback?code=i1WsRn1uB1

Generate verification code (ex. i1WsRn1uB1)

https://wawf.mil/authorize?type=web_server&client_id=xxx&client_secret=yyy&code=i1WsRn1uB1&redirect_uri=https://erp.mil/callback

Redirect back with additional data and returned code

HTTP/1.1 200 OK {"access_token":"ABC", "expires_in":"3600", "refresh_token":"WXYZ", "user_id":"http://user.wawf.mil/john_doe","issued_at":"123456789","signature":"akljsdflaksjdf"}

Request User Info

-or-

OAuth protected URI rep of WAWF users: https://user.wawf.com/{username}

https://user.wawf.mil/john_doe?access_token=ABC

Generate and return access token

Logged in? NO

HTTP/1.1 200 OK {"user_id":"http://user.wawf.mil/john_doe","display_name":"John Doe","wawf_username":"johndoe"}

ADD USER TO ERP USING ERP API

Users
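The ERP Router's side of the exchange on this slide, as an added example (not code from the presentation, WAWF or any ERP): it builds the authorize redirect, accepts the returned verification code, and checks the token response before a user is added to the ERP. The URLs and parameter names are the slide's; the `state` value, the `TRUSTED_USER_HOST` allow-list and all function names are assumptions introduced here.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# URLs and parameter names are the slide's; the state value, the host
# allow-list and every function name below are assumptions of this example.
AUTHORIZE_URL = "https://wawf.mil/authorize"
REDIRECT_URI = "https://erp.mil/callback"
TRUSTED_USER_HOST = "user.wawf.mil"


def build_authorize_url(client_id, session):
    """[WAWF CONNECT]: send the browser to WAWF, bound to this ERP session."""
    session["oauth_state"] = secrets.token_urlsafe(16)  # added; not on the slide
    query = urlencode({"type": "web_server", "client_id": client_id,
                       "redirect_uri": REDIRECT_URI, "scope": "openid",
                       "state": session["oauth_state"]})
    return f"{AUTHORIZE_URL}?{query}"


def code_from_callback(callback_url, session):
    """Accept the verification code only on our callback and for this session."""
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("callback arrived on an unexpected URI")
    params = parse_qs(parts.query)
    expected = session.pop("oauth_state", "")  # one use only
    received = params.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: callback not bound to this session")
    codes = params.get("code", [])
    if len(codes) != 1 or not codes[0]:
        raise ValueError("missing or repeated verification code")
    return codes[0]


def user_from_token_response(token):
    """Check the token response before ADD USER TO ERP is allowed to run."""
    if not token.get("access_token"):
        raise ValueError("no access token in response")
    uid = urlsplit(token.get("user_id", ""))
    name = uid.path.lstrip("/")
    if uid.hostname != TRUSTED_USER_HOST or uid.query or uid.fragment:
        raise ValueError("user_id is not a WAWF user URI")
    if not name or not name.replace("_", "").isalnum():
        raise ValueError("user_id path is not a single user name")
    # Request user info over TLS whatever scheme user_id carried.
    return name, f"https://{TRUSTED_USER_HOST}/{name}"
```

The slide's sample token response carries `user_id` with an `http://` scheme, which is why the last function rebuilds the user-info address on `https://` rather than following the value as received.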