A GJXDM-Based Approach for Federated Information Sharing The CISAnet IEM: A GJXDM-Based Approach for Federated Information Sharing Jack Wallace Debby Park Susan Liebeskind Georgia Tech Research Institute
What is CISAnet? Secure information sharing network with 10 states: Alabama, Arizona, California, Georgia, Idaho, Louisiana, Mississippi, New Mexico, Oklahoma, and Texas Administered by the Criminal Information Sharing Alliance (CISA) Partnerships extend information sharing: RISS projects Federal agencies
CISAnet Information Sharing Two mechanisms for sharing information Sharing of applications Sharing and collation of data Information sharing is read-only, no data updates Current data sharing infrastructure uses proprietary messages and protocol originally deployed mid-90’s
Program Starting Points Each CISAnet member is unique Local databases and applications Local business rules Multiple database vendors Database structure and data elements unique to each data source Multiple user interfaces
Program Starting Points Two-step query/response paradigm Search query Uses search terms Results in picklist Retrieve query One or more items from picklist Results in additional details on each selection plus pointer info
Program Starting Points Support for additional data sources Currently one logical data source per member Need to support multiple sources per member Support for different categories of data Person, Location, Conveyance, Organization, Contact Information
Program Goals Add more categories of data Weapon, Other Property, Activity, Document and Multimedia Support for multiple data classifications Provide user-based security Utilize existing identity infrastructure Users have explicit permissions Support submitters and requesters Support for partner agencies
Program Goals Standards based Reduce development and expansion costs XML Web Services J2EE Application Servers Reduce development and expansion costs Easy access to new data sources Intelligent query direction Reduce coding required for identity management
CISAnet Information Exchange Model (IEM) Uses standards XML for data exchange Specifically GJXDM 3 Supports all desired data categories Web services based infrastructure J2EE application servers
Web Services is a standard, right? If everyone defines their own web services, consuming applications get complicated
GJXDM Solves All Data Needs, Right? Over inclusive by design Lots and lots of elements Multiple relationship mechanisms Multiple code tables No way to package picklists No query/response metadata No query mechanism
IEM Defines Middleware Layer Well-defined Web Services GJXDM subset Query/Response wrapper schema Query mechanism
Well-defined Web Services Client applications invoke one web service
IEM Uses Subset of GJXDM Selected one relationship mechanism Defined CISAnet objects and removed recursion from subset Person, Location, Contact Info, Org, Activity, Conveyance, Weapon, Document, Other Prop. Pruned elements Not needed by CISAnet participants Not needed by relationship mechanism Roughly 1,000 elements in subset
IEM Wrapper Schema QueryResponse schema Metadata for queries and responses Supports collation of data from multiple data sources Defines set of data classifications criminal history, criminal intelligence, criminal investigative, criminal justice, government, commercial, public, and support
IEM Query Metadata How to handle query Where to send query How many hits to return Multiple assertions Submitter Requester Proxy Type of match (exact or best)
IEM Response Metadata How query was handled Where responses came from How many hits were returned How many hits there were Advisories Data source description
IEM Query Mechanism Evaluated query mechanisms/languages Selected XQuery, specifically XQueryX Uses query templates so implementers don’t have to support full language Implementers can convert query into native query or use XQuery engine
Intelligent Direction of Queries Query can specify data source(s) Query can specify participant(s) Query can specify data classification(s) Query be sent to “all” Infrastructure only sends query to those sources that can answer the question Immediate access to new data sources
User-based Security CISAnet submitters must have CISAnet ID Partner query submitters supported Every query has at least one CISAnet ID Permissions and classifications validated Users only get data for which they have permission Infrastructure can “fill-in” information
CISAnet IEM Summary Non-recursive, simplified subset of GJXDM Standard relationship mechanism Standard query mechanism and language Organizational query/response schema Intelligent direction of queries Security based on user permissions and data classifications