A SAR Solution The First Steps…

A SAR Solution

The First Steps…

A SAR Solution

The First Steps…

Suzette McLeod, IJIS InstituteAaron Gorrell, Waterhole Software

Realize the Power of InformationRealize the Power of Information

Dispatch (CAD) System Suspicious Activity

911/PSAP911/PSAP

Observer

PrivateIndustry

Law EnforcementDispatch

Law EnforcementDispatch

Dispatched LE

Record Mgt System (RMS)

Intel System

Fusion Center Systems

LocalLaw Enforcement

LocalLaw Enforcement

Law EnforcementInvestigation or

Intelligence

Law EnforcementInvestigation or

Intelligence

LocalFusion Center*

LocalFusion Center* State Designated Fusion Center

State Designated Fusion Center

* The Local Fusion Center may refer to local intel analytical centers, UASIs, state regional fusion centers, etc..

Information Sharing Environment (ISE)

Other State Fusion CentersOther State Fusion Centers

Information Exchange Key

SAR IEPD

Existing Exchange

Future SAR IEPDs ??

JTTF / FIGJTTF / FIG

LE SAR Process


Local and state data sharing and retention statutes and policies vary significantly

Where laws don’t prohibit sharing, the political “noise” may limit SAR sharing

Concerns exist about ISE consumers not respecting local data retention policies

Data Sharing Concerns


• Detailed SAR IEPD includes all SAR data elements with the personal identifying information (PII) uniquely identified for later purging per senders’ date.

• Summary SAR IEPD is the detailed SAR excluding PII

Privacy Solution


Your & My ChallengeYour & My Challenge

• Finds ways to leverage and augment EXISTING processes and systems to meet these new information sharing needs

• Acknowledge that we will need to tag, flag, and share information based on;

• Predefined criteria• Real time human determination• Reactive identification based on Alerts• Proactive identification based on realtime content


Created a robust IEPD using GJXDM Now migrating IEPD to NIEM

2.0/Harmony Reorganizing schema to leverage

LEXS capabilities and NDEx cross-referencing

Seeking diverse pilot partners• LE, Fusion Center, DOD Force Protection,

Border Control, Port Authority

SAR ProgressSAR Progress


What is LEXS?What is LEXS?• Developed by DOJ/Law Enforcement Information

Sharing Program (LEISP)• Uses and depends on entities and associations

defined in NIEM• Paradigm shift in organizing and structuring IEPD’s

– An extensible framework for creating interoperable IEPDs– Systems will be able to process and display data in LEXS

structured schema without system modification (loosely coupled)

• Publication & Discovery (LEXS-PD)– For publishing and updating data from a source to a

consumer– Is the basis for SAR and N-DEx data submission

• Search & Retrieval (LEXS-SR)– For system-to-system federated searches and result drill-

downs


IEPD ConsistencyIEPD Consistency• Definition:• Two groups independently

developing IEPDs for the same purpose will create incompatible IEPDs.

• Result:• Small-scale interoperability

between coordinating partners, but not large-scale interoperability between independent community members (i.e., the ultimate promise of standards)

• Mitigations:• Top-down standards: requires “center of

mass”• Formal standards: long, arduous process• Consensual standards: hard to gather

and govern enough participants to “tip”

X


The “Polyglot” ProblemThe “Polyglot” Problem• Definition:• An organization that

exchanges data with multiple partners must simultaneously support multiple distinct IEPDs.

• Result:• Cost and expertise are

limiting factors in the attempt to create robust, rich networks of information exchange – instead, sharing is disjoint and/or shallow


LEXS-PD

LEXS-PDMessage

PackagePackage Metadata

Package Digest

Package

Message Metadata

………………..

Package

Rendering Instructions

Attachment………………..

Attachment

Community Payload

Attachment

DocumentType

Person

Activity

Organization A

Organization B

NIEM DocumentTyp

e

NIEM DocumentTyp

e


Package MetadataPackage Metadata

• LEXS Version• Data Sensitivity• Data Source Organization• Data Source System• Data Source Contact• Message Date/Time• Message Sequence Number


The DigestThe Digest

•Subset of NIEM

•Most commonly used entities and relationships


Digest AssociationsDigest Associations

Organization (e.g., gang, corporation,

school)

Telephone Number

Person

Location

Property (e.g.,

vehicle, boat weapon,

drug)


The PayloadThe Payload

• Location for exchange-specific data not included in the digest

• Does not have to be consumed by the receiving system

• Human readable when linked with a stylesheet


Rendering InstructionsRendering Instructions

•Link to XSLT file(s)

•XSLT Files describe how to display payload (Stylesheet)


AttachmentsAttachments

•Attachments are any kind of binary or text-based content


ChallengesChallenges

• Dependent on high degree of common elements across IEPD’s

• Current version has been developed with Law Enforcement in mind – digest may not be appropriate for all domains

• Latest version LEXS 3.1 is based on NIEM 1.0

• Core.gov

A SAR Solution The First Steps…

Documents

Transcript of A SAR Solution The First Steps…