National Security Through Responsible Information Sharing Kshemendra Paul Program Manager, Information Sharing Environment June 2014

Through Responsible Information Sharing · • Drive Collective Action through Collaboration and Accountability • Improve Information Discovery and Access through Common ... •


National Security Through Responsible Information Sharing

Kshemendra Paul

Program Manager, Information Sharing Environment

June 2014


SCOPE & MISSION

Diplomacy

Homeland Security

Intelligence

Defense

Law Enforcement

Frontline
• Investigators
• Analysts
• Operators

Federal, State, Local, Tribal, Private Sector, International

Communities

Information Sharing Environment (ISE)

Information Technology Industry


NATIONWIDE CHALLENGES

National Approaches to Interoperability

Integrated Capabilities & Shared Services

Common Operating Models

Multiple Missions & Authorities

Crushing Financial Pressures

Evolving & Converging threats

18,000 LE Agencies
750,000+ Officers
250,000 911 Operators
1.2 million Firefighters
2.2 million Security Officers
18 CI/KR Sectors
300+ million People
77 Fusion Centers
28 HIDTAs
6 RISS Centers
* Numbers are estimates

FBI: NCIJTF ▫ CJIS ▫ FIGs ▫ JTTFs ▫ JRIGs ▫ TSC
DHS: I&A ▫ ICE ▫ CBP ▫ TSA ▫ DNDO ▫ NPPD
Maritime Domain
NCTC: JCAT
Air Domain
DoD
DOJ: ATF ▫ DEA ▫ USMS ▫ OJP
Nlets
State

Protection of Privacy, Civil Rights, and Civil Liberties


Principles:

• Information as a national asset.

• Information sharing and safeguarding requires shared risk management.

• Information informs decision making.


STRATEGY GOALS

• Drive Collective Action through Collaboration and Accountability

• Improve Information Discovery and Access through Common Standards

• Optimize Mission Effectiveness through Shared Services and Interoperability

• Strengthen Information Safeguarding through Structural Reform, Policy, and Technical Solutions

• Protect Privacy, Civil Rights, and Civil Liberties through Consistency and Compliance


STRATEGY PRIORITY OBJECTIVES

1. Governance
2. Agreements
3. Data Tagging
4. Federal Identity Credential and Access Management (FICAM)
5. Safeguarding
6. Interoperability Baseline Capabilities
7. Training
8. Discovery & Access
9. Private Sector Sharing
10. Data Aggregation Reference Architecture
11. Shared Services
12. Standards-based Acquisition
13. Foreign Partners
14. Request for Information Process
15. Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI)
16. Fusion Centers


INSTITUTIONALIZING A MANAGEMENT FRAMEWORK

• WH-based Governance

• Strategic Implementation Plan

• Detailed Planning and Implementation Guidance

• Performance-Based Oversight

• Active Program & Industry Engagement & Ownership


A NATION’S CALL TO ACTION

“We’ll be on our way to computerizing all of America’s medical records, which won’t just eliminate inefficiencies, save billions of dollars and create tens of thousands of jobs – but will save lives by reducing deadly medical errors.”

– President Barack Obama, February 4, 2009


THE OPEN GOVERNMENT INITIATIVE

• President Obama issued an Executive Memorandum on Transparent and Open Government

• Government should be

◦ Transparent

◦ Participatory

◦ Collaborative


NATIONAL INFORMATION EXCHANGE MODEL (NIEM)

Repeatable, Reusable Process (Information Exchange Development Lifecycle)

Common Language (Community-driven Data Model)

Built and governed by the business users at Federal, State, Local, Tribal, International and Private Sectors


WHO STEERS NIEM CURRENTLY?

Primary Sponsors

• Dept of Justice

• Dept of Homeland Security

• Dept of Health and Human Services

Ex-Officio Members

• Global Justice Information Sharing Initiative

• Office of Management and Budget

• Program Manager, Information Sharing Environment

• National Association of State Chief Information Officers

Partners

• Terrorist Screening Center

• Dept of Defense / Dept of Navy

• Public Safety Canada


WHAT IS INTEROPERABILITY?

• Foundational

• Structural

• Semantic


TODAY’S CHALLENGES

• Achieving and maintaining systems interoperability

• Challenges exist in sharing information across domains

• Civil liberties and policy conflicts


SEMANTIC TECHNOLOGY

• Technology does not lead to semantic interoperability

• People/organizations need to agree upon the semantics

• The technology must be able to capture the semantics that has been agreed upon


ISE COI AND COP

Information Interoperability

ISE Communities of Practice (CoPs)

ISE Communities of Interest (CoIs)


PROJECT INTEROPERABILITY

• Focused on the white-space between Agencies

• Mission & framework agnostic

• Modular development extending existing capability

• Practitioner-focused integration of best practices

Discover Interoperable Services

Build Interoperable Services

Extend Interoperable Services

ISE Interoperability Tools

• Architecture Alignment

• Attribute Exchange

• Common Profile

• Data Aggregation

• Exchange Patterns

• Geospatial

• Identity and Access Management

• Maturity Model

• National Information Exchange Model

• Reference Architecture

• Standards and Specification Framework

• Springboard

Built upon…

Legal Authorities, Governance & Policy, Performance Management, Budget and Resourcing, Communications and Outreach Tools


PUBLIC SAFETY/PUBLIC HEALTH NEXUS

HHS OpDivs Engagement

FDA: counterfeit drugs, adverse events

SAMHSA: drug rehabilitation programs support

CDC: prevention, health & injury statistics

CMS: paying for the drugs

OIG: investigation

Opportunity: Better align across federal with state, local, and private sector partners based on shared use of common ISE tools.


PROJECT INTEROPERABILITY IS LIKE MODULAR DEVELOPMENT

• Top-down design leads to modular development

• Makes tools more manageable

• Different people can work on different tools, and then put their work together.

• Leads to a higher quality product

• Increases reuse


HSIN Project Interoperability Alignment

Existing and Potential Opportunities

Project Interoperability: Attribute Exchange; Authentication and Credentials; Information Exchanges; Reference Architecture; Exchange Patterns; Common Profile

- Security Trimmed Federated Search IEPD

- Suspicious Activity Reporting

- Coming Soon: RFI

- Human Trafficking

- FICAM + GFIPM SAML Assertions Profile

- IISC SBU Identity and Authorization Attributes Federation (IAAF)

- Authoritative Attributes Source

- PIV and PIV-I

- Others

- GIRA (Potential)

- Service Catalog

- First Responders (Potential)

- Law Enforcement Data Deconfliction (Potential)


USE CASE: NEW JERSEY INFORMATION SHARING ENVIRONMENT


ADVANCING FEDERATED IDENTITY MGMT

• National Strategy for Trusted Identities in Cyberspace

• Implementing FICAM across security domains

• Federation to Inter-Federation

• National Identity Exchange Federation (NJ ISE)

• Managed Attribute Federations

• Integrate into Standards-Based Acquisition efforts (NJ ISE)


STANDARDS COORDINATING COUNCIL


TAKEAWAYS

• Need systems that are interoperable

• Cross-domain information sharing

◦ Information sharing capabilities that allow effective information exchange across multiple communities of interest.

• Policy specification and enforcement


VISIT ISE.GOV

@shareandprotect


HHS ISE Progress

HHS Area: CDC Public Health Work
HHS Initiative: North America Day Public Health Alert pilot June 2012
Description: Public health alerts exchange pilot between Canada and Mexico as a proof of concept for CDC National Information Exchange Model (NIEM) broker services and a prototype for HHS-wide NIEM broker services. Public health alerts include pandemic-potential infectious disease information of concern to our national security and thus fit in the ISE scope.

HHS Area: NIEM Standards
HHS Initiative: HHS is using NIEM for Health Domain and Human Services.
Description:
• Frank Baitman, HHS CIO, sits on NIEM Exec. Steering Committee
• The Health domain is stewarded and sponsored by the Office of the National Coordinator for Health Information Technology (HHS ONC)
• The Human Services domain is stewarded by the Health and Human Services, Administration for Children and Families (HHS ACF)

HHS Area: Implementing HHS Counterintelligence Policy & Insider Threat Guidance
HHS Initiative: The HHS Counterintelligence Policy and associated Insider Threat Program Guidance establishes the procedures for CI personnel to develop and manage information involving potential insider or external threats to the Department.
Description:
• Facilitated by the HHS-wide HHS Counterintelligence Policy and Insider Threat Guidance, OpDivs programs facilitate sharing for situational awareness across HHS and ISE, as appropriate
• Creation of the HHS IT Working Group (ITWG)
• HHS annual insider threat training for employees to enhance awareness


HHS ISE Progress

HHS Area: Uncovering Terrorism Financing: Medicare/Medicaid Initiative
HHS Initiative: Develop and enhance secure communications capabilities among Medicaid and Medicare fraud investigators. (CMS Operation Division Monitors)
Description:
• DoJ funded, state-wide owned secure SharePoint sites for the Medicaid Fraud Control Units (MFCU) and the Medicaid Integrity Institute (MII) on the RISS Secure Cloud (RISSNET).
• The Deliverables associated with this initiative include:
◦ Expand usage and enhance the MFCU and MII sites
◦ Host a meeting(s) with stakeholders (including Medicare stakeholders)
◦ Document and report project efforts and next steps

HHS Area: Administration for Children and Families

HHS Initiative: Federal Parent Locator Service
Description: Collects and collates information about child support from states and federal organizations; by matching information, ACF has been able to identify and remediate improper payments.

HHS Initiative: Public Assistance Reporting Information System (PARIS)
Description: A system which helps ACF identify fraud and improper payments by comparing information from DOD, VA, OPM and the States.

HHS Initiative: National Information Exchange Model (NIEM) Courts Project
Description: To build NIEM domain between child support and the courts and child welfare and courts (administered by DOJ)

HHS Initiative: OMB and HHS - Interoperability and Integration Project (S2I2) fund
Description: 12-month grants for 7 states to explore and plan improved interoperability and integration in eligibility and enrollment, case management, and related functions to help streamline administration processes and strengthen program integrity in federal assistance programs across HHS IT systems. States: CA, CO, IL, IN, MD, & NY


HHS ISE Progress

Area: Food and Drug Administration
Initiative: FDA Division of Food Defense Targeting (DFDT) collaboration with DHS Customs and Border Protection (CBP) National Cargo Targeting Center (NCTC)
Description: DFDT shares its prior notice research findings-of-concern on food imports bound for the U.S. with DHS Customs and Border Protection (CBP) National Cargo Targeting Center (NCTC) to compare with DHS watch lists and targeting information for collaboration on shipments of concern for link to terrorist or terrorism.

Area: NSISS Priority Objectives
Initiative: HHS leads among NT-50s in Department/Agency ISE program engagement and development, spearheading numerous priority objectives for NT-50 applicability, especially within the last year, and is co-chairing a couple of the ISE Implementation Workgroups.
Description:
• Priority Objective #1 Governance: Tiger Team - Aida Perez and Lucienne Nelson
• Priority Objective #14 Request for Information/Alerts Warnings & Notifications Process (RFI/AWN): Ricky Hill

Area: HHS Cyber Threat Analysis
Initiative: OSSI CI and the OCIO form the Cyber Threat Analysis Center (CTAC) which fuses forensic analytical capabilities with intelligence analysis.
Description: Cyber Threat Analysis Center (CTAC) will enhance our ability to: assess the cyber-attack tactics, techniques and procedures used by our adversaries; support forensic analysis of cyber-attacks; identify potential threats; and work with the operating divisions, OCIO, OGC, OIG and other stakeholders to establish standard operating procedures for the forensic analysis of IT systems and hardware related to counterintelligence case inquiries and assessments.