A SAR Solution The First Steps…
description
Transcript of A SAR Solution The First Steps…
A SAR Solution
The First Steps…
A SAR Solution
The First Steps…
Suzette McLeod, IJIS InstituteAaron Gorrell, Waterhole Software
Realize the Power of InformationRealize the Power of Information
Dispatch (CAD) System Suspicious Activity
911/PSAP911/PSAP
Observer
PrivateIndustry
Law EnforcementDispatch
Law EnforcementDispatch
Dispatched LE
Record Mgt System (RMS)
Intel System
Fusion Center Systems
LocalLaw Enforcement
LocalLaw Enforcement
Law EnforcementInvestigation or
Intelligence
Law EnforcementInvestigation or
Intelligence
LocalFusion Center*
LocalFusion Center* State Designated Fusion Center
State Designated Fusion Center
* The Local Fusion Center may refer to local intel analytical centers, UASIs, state regional fusion centers, etc..
Information Sharing Environment (ISE)
Other State Fusion CentersOther State Fusion Centers
Information Exchange Key
SAR IEPD
Existing Exchange
Future SAR IEPDs ??
JTTF / FIGJTTF / FIG
LE SAR Process
Realize the Power of InformationRealize the Power of Information
Local and state data sharing and retention statutes and policies vary significantly
Where laws don’t prohibit sharing, the political “noise” may limit SAR sharing
Concerns exist about ISE consumers not respecting local data retention policies
Data Sharing Concerns
Realize the Power of InformationRealize the Power of Information
• Detailed SAR IEPD includes all SAR data elements with the personal identifying information (PII) uniquely identified for later purging per senders’ date.
• Summary SAR IEPD is the detailed SAR excluding PII
Privacy Solution
Realize the Power of InformationRealize the Power of Information
Your & My ChallengeYour & My Challenge
• Finds ways to leverage and augment EXISTING processes and systems to meet these new information sharing needs
• Acknowledge that we will need to tag, flag, and share information based on;
• Predefined criteria• Real time human determination• Reactive identification based on Alerts• Proactive identification based on realtime content
Realize the Power of InformationRealize the Power of Information
Created a robust IEPD using GJXDM Now migrating IEPD to NIEM
2.0/Harmony Reorganizing schema to leverage
LEXS capabilities and NDEx cross-referencing
Seeking diverse pilot partners• LE, Fusion Center, DOD Force Protection,
Border Control, Port Authority
SAR ProgressSAR Progress
Realize the Power of InformationRealize the Power of Information
What is LEXS?What is LEXS?• Developed by DOJ/Law Enforcement Information
Sharing Program (LEISP)• Uses and depends on entities and associations
defined in NIEM• Paradigm shift in organizing and structuring IEPD’s
– An extensible framework for creating interoperable IEPDs– Systems will be able to process and display data in LEXS
structured schema without system modification (loosely coupled)
• Publication & Discovery (LEXS-PD)– For publishing and updating data from a source to a
consumer– Is the basis for SAR and N-DEx data submission
• Search & Retrieval (LEXS-SR)– For system-to-system federated searches and result drill-
downs
Realize the Power of InformationRealize the Power of Information
IEPD ConsistencyIEPD Consistency• Definition:• Two groups independently
developing IEPDs for the same purpose will create incompatible IEPDs.
• Result:• Small-scale interoperability
between coordinating partners, but not large-scale interoperability between independent community members (i.e., the ultimate promise of standards)
• Mitigations:• Top-down standards: requires “center of
mass”• Formal standards: long, arduous process• Consensual standards: hard to gather
and govern enough participants to “tip”
X
Realize the Power of InformationRealize the Power of Information
The “Polyglot” ProblemThe “Polyglot” Problem• Definition:• An organization that
exchanges data with multiple partners must simultaneously support multiple distinct IEPDs.
• Result:• Cost and expertise are
limiting factors in the attempt to create robust, rich networks of information exchange – instead, sharing is disjoint and/or shallow
Realize the Power of InformationRealize the Power of Information
LEXS-PD
LEXS-PDMessage
PackagePackage Metadata
Package Digest
Package
Message Metadata
………………..
Package
Rendering Instructions
Attachment………………..
Attachment
Community Payload
Attachment
DocumentType
Person
Activity
Organization A
Organization B
NIEM DocumentTyp
e
NIEM DocumentTyp
e
Realize the Power of InformationRealize the Power of Information
Package MetadataPackage Metadata
• LEXS Version• Data Sensitivity• Data Source Organization• Data Source System• Data Source Contact• Message Date/Time• Message Sequence Number
Realize the Power of InformationRealize the Power of Information
The DigestThe Digest
•Subset of NIEM
•Most commonly used entities and relationships
Realize the Power of InformationRealize the Power of Information
Digest AssociationsDigest Associations
Organization (e.g., gang, corporation,
school)
Telephone Number
Person
Location
Property (e.g.,
vehicle, boat weapon,
drug)
Realize the Power of InformationRealize the Power of Information
The PayloadThe Payload
• Location for exchange-specific data not included in the digest
• Does not have to be consumed by the receiving system
• Human readable when linked with a stylesheet
Realize the Power of InformationRealize the Power of Information
Rendering InstructionsRendering Instructions
•Link to XSLT file(s)
•XSLT Files describe how to display payload (Stylesheet)
Realize the Power of InformationRealize the Power of Information
AttachmentsAttachments
•Attachments are any kind of binary or text-based content
Realize the Power of InformationRealize the Power of Information
ChallengesChallenges
• Dependent on high degree of common elements across IEPD’s
• Current version has been developed with Law Enforcement in mind – digest may not be appropriate for all domains
• Latest version LEXS 3.1 is based on NIEM 1.0
• Core.gov