Enterprise Architecture Future of Architecture Enterprise Architecture Unified Profile for DoDAF and MODAF (UPDM) Strategies, Policy, Governance, and Implementation DoD and Federal Departments 15 July 2011 Walt Okon Senior Architect Engineer Architecture & Infrastructure Directorate Office of DoD CIO walt.okon@osd.mil 703-607-0502

Secure Information Sharing It is imperative to effectively securely exchange information among components, Federal agencies, coalition partners, foreign governments and international organizations as a critical element of our efforts to defend the nation and execute national strategy Effectively Securely Exchange Information

Secure Information Sharing The use of architecture techniques ensures alignment, clarity, and interoperability across information sharing initiatives; Information Sharing Environment (ISEs)) Architectures enable Departments and agencies to eliminate redundancies by identifying information sharing services that may be implemented and shared internal to DoD and, potentially, across the Federal Government. Architectures Enabled

Secure Information Sharing DoD is implementing services for IS that employs Enterprise Services (ES) including service registration, authentication, attribute‐based access control, directory services, metadata registration, federated search, and collaboration. DoD partnering with IC on initiatives; e.g., service definition and implementation, metadata descriptions, Universal Core context‐independent framework, and cross‐domain solutions.

Elements of Quality Architecture Single Architecture Framework Policy, Direction, Guidance Exchange Architecture Tools Certified Architects Enabling efficient and effective acquisition of hardware, software and services used by DoD in missions Common Architecture Framework Approach 5

DoDAF V2.0 Viewpoints Fit-For Purpose Renamed New New New Overarching aspects of architecture context that relate to all models All Viewpoint Articulate the data relationships and alignment structures in the architecture content Data and Information Viewpoint Articulate applicable Operational, Business, Technical, and Industry policy, standards, guidance, constraints, and forecasts Standards Viewpoint Systems Viewpoint Articulate the legacy systems or independent systems, their composition, interconnectivity, and context providing for, or supporting, DoD functions Services Viewpoint Articulate the performers, activities, services, and their exchanges providing for, or supporting, DoD functions Operational Viewpoint Articulate operational scenarios, processes, activities & requirements Capability Viewpoint Articulate the capability requirement, delivery timing, and deployed capability Describes the relationships between operational and capability requirements and the various projects being implemented; Details dependencies between capability management and the Defense Acquisition System process. Project Viewpoint New In DODAF 2.0 we have described an expanded number of viewpoints (categories of models and views expressing differing aspects of a common architecture need) to include those shown on the slide. Some of the viewpoints were introduced in earlier versions of DoDAF, others, such as Project and Capability are new to DoDAF 2.0. An architecture viewpoint can be displayed in a number of formats, such as dashboards, fusion, textual, composite, or graphs, which represents data and the architecture description which represents an architecture. In DoDAF 2.0, the ability is provided to create an architectural description which can be expressed in many of the same formats normally used for briefing, analysis, and decision-making. The next few slides present a view of data from an architecture developed for the US Air Force at Arnold Engineering Development Center in Tennessee. This is the Air Force Center for R&D, testing and Analysis of aircraft, engines, and other components. Both Charles and I are using these views today with the permission of the Air Force. Architecture viewpoints are composed of data that has been organized to facilitate understanding. 6 6

DoD Architecture Framework 2.0 What it is: Guidance on the types of data and relationships needed to document a DoD architecture in a standard way (new in 2.0) Guidance on format and content for a standard set of DoDAF Described Models for describing architectures High level meta-process for using the DoDAF What it isn’t: A specific architecture A tool A detailed architecture development process

DoDAF V2.0 Vision Views for Other Stakeholders Structured Knowledge Base – Common Model Views for the Architect

Levels of Architecture DoD Enterprise Enterprise Level Architectures System Context SoS Architectures FoS Architectures Capability Based Segment Level Architectures Solution Level Architectures

http://www.defenselink.mil/cio-nii/sites/diea/ 10 10

UPDM – Unified Profile for DoDAF/MODAF Adaptive Artisan Software ASMG BAE Systems DoD DND embeddedPlus Generic IBM Thales Lockheed Martin Co Mitre L3 Comms MOD NoMagic Raytheon Rolls Royce Sparx Systems VisumPoint Selex UPDM RFC Group Walt Okon DoD Support 11

Why do we need Exchange UCore Middle East Pro-Democracy Movements Coalition Partners Japan Earth Quake, Tsunami, Nuclear Risks DoD and IC Information Sharing Initiatives Implement Lessons Learned To Achieve Operationally Significant Results Federal Inter-Agency Haiti Earthquake Christmas Day Terrorist Attempt DOJ/DHS Experience in Federal, State, Local, Tribal Interoperability State, Civil, Local Hurricane Katrina NGOs and Industry 11 Sep 2001 Terrorist Attacks “The bottom line is this:  The U.S. government had sufficient information to have uncovered this plot and potentially disrupt the Christmas Day attack.  But our intelligence community failed to connect those dots, which would have placed the suspect on the "no fly" list. In other words, this was not a failure to collect intelligence; it was a failure to integrate and understand the intelligence that we already had. ” President Barack Obama, 05 JAN 2010

UCore V2.0 Conceptual Data Model What is UCore UCore V2.0 Conceptual Data Model Message Framework Metadata XML representation Interrogatives: When, Where, Who, What, What Taxonomy Common Terms Security markings Message framework Rendering Instructions Extension Guidance When What Where Who

Vendor Tools are Necessary Architecture Tools Guidance DoDAF v2.0 Federated Architecture Strategy DoD IEA DoD Tools DoD Architecture Registry System (DARS) DoD IT Standards Registry (DISR) GIG Technical Guidance (GTG) Tool Meta Data Repository (MDR) Vendor Tools are Necessary

Architecture Education & Training Certified Enterprise Architects design the information technology architecture structure enabling the efficient and effective acquisition of hardware, software and services utilized by the DoD in missions supporting the warfighters. Common Architecture Framework 15

Elements of Quality Architecture Single Architecture Framework Policy, Direction, Guidance Exchange Architecture Tools Certified Architects Enabling efficient and effective acquisition of hardware, software and services used by DoD in missions deliverables. Common Architecture Framework Approach 16

Future of Architecture Achieving Secure Information Sharing Information Integration Subcommittee Identity Federation Meeting Implement ICAM Identity, Credential, and Access Management

Federal CIO Council ICAM Alliances: Interagency Security Committee, NSTIC NPO, CNSS, IC IdAM, NASCIO, & More Unclassified

Secure Information Sharing Extract from FY10: Leveraging the Power of Technology To support this effort, the Federal Identity, Credential, and Access Management (ICAM) segment architecture provides Federal agencies with a consistent approach for managing the vetting and credentialing of individuals requiring access to Federal information systems and facilities The ICAM segment architecture will serve as an important tool for providing awareness to external mission partners and drive the development and implementation of interoperable solutions

Secure Information Sharing Extract from FY12: IT Security and Privacy Improve Identity Management: ICAM, PIV Credentials, HSPD-12, NSTIC ICAM solutions leverage existing investments in the Federal Government while promoting efficient use of tax dollars when designing, deploying, and operating information technology systems With the majority of the Federal work- force now possessing credentials, agencies can accelerate their use of these for secure access to Federal facilities and information systems

ICAM Scope Non-Persons Persons Logical Access Physical Access Unclassified

Current DOD IdAM Attribute Governance Secretary of Defense (SECDEF) Identity Protection Mgt Sr. Coord Group (IPMSCG) & working groups DOD CIO DoD CIO Executive Board Enterprise Guidance Board (EGB) IA Enterprise Review Group (IAERG) Enterprise Services Review Group (ESRG) Architecture Standards Review Group (ASRG) Information Assurance Senior Leaders (IASL) Identity Access Mgt Task Force (IdAM TF) Identity Assurance & PKI (IdA/PKI) Directorate Defense Information Systems Agency (DISA) Joint Staff GFM DI GOSC GFM DI PIPWG OUSD Personnel & Readiness (P&R) Defense Human Resources Agency (DHRA) Defense Manpower Data Center (DMDC) DOD/IC Authorization Attribute Steering Committee AASC Legend for governance light blue: DOD organizations dark blue: DOD governance bodies grey: DOD/IC governance bodies black: federal governance bodies Federal CIO Council (FICAM Subcommittee)

Architecture & Information Sharing Achieving Secure Information Sharing Office of Management and Budget Common Approach Federal Enterprise Architecture (CA-FEA) Dr. Scott Bernard, Federal Chief Architect

Changes in Federal Direction Mission. Federal enterprise architects provide leading-edge advisement, analysis, and design services that align strategic priorities with mission capabilities and technology solutions. Vision. To be a trusted, knowledgeable partners with agency executives, managers, staff, and external stakeholders to help accomplish mission goals, manage change, and optimize resources through proven enterprise architecture methods.

Changes in Direction Outcomes: Revitalized community that is relevant and engaged. Strong leadership support for the participation of architects in key initiatives. A diversity of views within the community are heard and considered. New methods for architecture that are more agile, efficient and standard. Updated policy to reflect new priorities, methods, and desired outcomes. A career path and training standards for federal enterprise architects.

Changes in Governance OMB, Federal CIO: Sets federal policy- EA programs, practices, reporting. OMB, Chief Architect: Leads federal EA community, advises Federal CIO. Runs quarterly Chief Architect Forum Meetings. OMB, FEAPMO: Maintains federal EA approach and does projects. CIO Council: Promotes federal IT community discussions, advises Federal CIO, publishes best practices and reports, maintains reference archive. CIO Council, AIC: Promotes best practices, supports outreach. AIC Sub-Committees: Promotes the development of best practices and methods in specific EA areas, supports outreach, and projects. AIC Outreach Sub-Committee: Runs quarterly “Architecture Plus” meetings for government and industry participants to discuss EA issues.

Changes in Approach Common Approach to Federal EA FEAF-II

Changes in Scope Level Scope Planning Detail Impact Audience Medium Multiple Agencies Govt.-Wide Services U.S. & Other Governments Medium National/Global Outcomes Government-Wide & International Multiple Agencies, Businesses, Interest Groups Sector Services Medium Sector Outcomes Multi G2C, G2B, G2G Agency-Wide Services Line of Business Specific Services Single Agency Program Specific Services

Environment & Natural Resources Changes in Use – Shared Services Sector designations are needed to support new services and interoperability across traditional agency boundaries. General Government Policy Resources Oversight Transparency Education & Workforce Sector Defense & Security Sector Law & Justice Sector Diplomacy & Trade Economic & Financial Sector Transport & Space Sector Energy & Technology Environment & Natural Resources Health & Well-Being Example: Electronic Patient Records Example: Border Protection Example: International Legal Cases Example: International Trade & Exports Example: Global Economic Tracking Example: On-line Learning Example: Energy Efficient Housing Smart-Roads Example: Alternative Fuels Central sector for general government support services and transparency

Secure Information Sharing Achieving Secure Information Sharing White House Information Sharing Environment Governance Interagency Policy Committee

Information Sharing Environment Governance Cross Federal Information Sharing Co Chairs NSS / PM-ISE DNI DHS DOJ DOD DOS Intelligence Law Enforcement Defense Homeland Security Foreign Affairs Scope I&A / POL Sharing and Access IPC WH / DHS Information and Communications Infrastructure IPC Smart Grid Cyber Security Cyber Legislation Architecture/ R&D International Privacy, Civil Rights, Civil Liberties Cyber Budget Cyber OPS Legal IRIS IS&A Sub IPCs National SAR Initiative DOJ BJA Fusion Centers DHS I&A Watchlisting & Screening DHS POL Integration PMISE TREAS IC CIO DoD CIO TBD RISS LEISP RISS National Policy Group IC ISE

Sub-Committees Working Groups Information Sharing & Access Interagency Policy Committee Co-Chairs: Monte Hawkins, NSS & Kshemendra Paul, PM-ISE Paul Grant (DoD CIO); Chuck Kosak (USD(P)); Karen Riggs (JS) Sub-Committees Watchlisting & Screening Chair: Monte Hawkins (NSS) Fusion Center Chair: Bart Johnson (DHS) Vice Chair: Owen Harris (FBI) Suspicious Activity Reporting Chair: Jim Burch (DoJ/BJA) Privacy, Civil Rights & Civil Liberties Chair: Alex Joel (DNI) Information Integration Chair: David Bray (PM-ISE) Matt Taveres (HD&ASA) Adam Gorowitz (USD(P)) Chuck Kosak (USD(P)) Stephanie Beavers (HD&ASA) Mike Reheuser (DPCLO) Paul Grant (DoD CIO) Carl Consumano (DoD CIO) Working Groups HSPD-6 International Outreach HSPD-24 National Security Threat ISE Privacy Guideline Revisions Information Technology Audit Standards Working Group Chair: Walt Okon (DoD) Nominations Database Enhancements Data Aggregation Working Group Chair: Donna Roy (DHS) Chair: Hank Bebe (DNI) Assured Secret Network Interoperability Working Group Chair: James Beagles (DHS) Assured SBU Network Interoperability Working Group Chair: Kevin Heald Encounters Screening Regina Piper (DoD CIO) Paul Grant (DoD CIO) Carl Consumano (DoD CIO) Paul Grant (DoD CIO) Walt Okon (DoD CIO)

Federal Shared Services Strategy Shared Service Working Group Office of Management and Budget Office of E-Government & IT

Shared Services: Part of the IT Reform Agenda Reform Item #6: Develop a Strategy for Shared Services

History of Shared Services Quicksilver 2001 Cloud-First 2010 E-Government Act 2002 Clinger-Cohen 1996 E-Gov Initiatives Initial 25 2003 Lines of Business Initial 5 (HR, GM, FM, FHA,CM) 2004 Round 2 (Geo, BFE, ITI, ISS) 2006 Payroll Consolidation Completes 2009 GAO Report: Opportunities to Reduce Potential Duplication 2011 Round 2 (DAIP, ITDS, IAD-Loans/Grants) 2008 Shared Services

What is a Shared Service? Producer Provider Consumers Roles: Provider, Producer, Consumer Sources: Internal or external to the agency (government or commercial).

Shared Service Concept Education & Workforce Defense & Security Economic & Financial Transport & Space MISSION SERVICE SECTORS Health & Well-Being Diplomacy & Trade Environment & Natural Resources Energy & Technology enablers Content Management Virtual Meeting Cloud eMail Collaboration Others SUPPORT SERVICE SECTOR First focus on support sector services, as this has the greatest initial potential for lowering duplication & waste. Public Clouds Federal Clouds

Delivery Channels & Considerations Delivery Considerations Is the service commercially available? Are there security, privacy, classified requirements? Does the agency need to be a provider? How does a provider agency meet customer needs?

Secure Information Sharing Questions Walt Okon Senior Architect Engineer Architecture & Infrastructure Directorate Office of DoD CIO walt.okon@osd.mil 703-607-0502