PEO-GES Version 08.4 NCES Capabilities Overview UNCLASSIFIED.
Agenda
• NCES Overview
• NCES Production Capabilities
– User Access: Defense Knowledge Online (DKO)
– Collaboration
– Metadata Registry (MDR)
– Federated Search
– Enterprise Catalog
– Machine-to-Machine Messaging
– Service Discovery
– Service Security
• Steps to use NCES Capabilities
• NCES Lessons Learned
• Additional NCES References
NCES Overview
• NCES is an enabler for information sharing within the DoD as well as with federal, allied, coalition and multinational partners
• NCES will allow users and information systems to:
– Find and access relevant information;
– Expose the information they produce for others to discover;
– Collaborate in a more effective manner;
– Distribute data to forward deployed areas;
– Increase performance and reliability of data access, and;
– Utilize the enterprise infrastructure for evolving DoD systems to a Service-Oriented Architecture.
NCES is the foundation for knowledge sharing and future knowledge creation
NCES Overview
Macro Perspective
[Figure: NCES capabilities, user access and users.]
NCES Capabilities: Service Security, Content Delivery, Mediation, Content Discovery, Collaboration, Service Discovery, Enterprise Service Management, People Discovery, Metadata Registry
User Access via DKO (SIPR & NIPR)
Service Oriented Architecture Foundation
NCES Users / NCES Early Capabilities Baseline Users (figure labels): Net-Enabled Command Capability, Global Combat Support System, Distributed Common Ground System, National Geospatial-Intelligence Services, Theater Battle Management Core System, Integrated Strategic Planning & Analysis Network, Defense Technical Information Center, Global Command & Control System, Communities of Interest
NCES is delivering capabilities to enable the Department’s net-centric information sharing transformation!
Enterprise Services Discussed Today
[Figure: NCES capabilities and the benefits they provide.]
NCES capabilities shown: Service Security, Mediation, Collaboration, Service Discovery, Enterprise Service Management, People Discovery, Metadata Registry, Content Delivery, Content Discovery
Benefits shown:
– Interoperability of data with shared semantics
– Ability to develop and reuse capabilities regardless of platform; increased flexibility and agility
– Communicate in real-time using voice, text, and video sessions
– Real-time update and alert notification as information changes
– Ability to operate in a secure environment
– Web-based source for information on NCES and access to its services
– Access to shared/stored data; improved shared awareness
– Exchange data with unanticipated users in unanticipated formats
– Confidence that enterprise services are available and reliable
– Locate people and network resources
– Improved Quality of Service
Defense Knowledge Online (DKO)
https://www.dko.dod.mil
• Purpose
– Provide a single point of access to DoD Services
• Key Facts
– DKO is provided by Army Knowledge Online - same platform, same services - 1.9M users online now
– NCES Developer's Page on DKO provides initial orientation for early adopters
– Legacy NCES Portal (Defense Online (DOL)/GES Portal) to shut down NLT 12/31/07
– Joint Accounts on DKO available for all DOL/GES Portal users now (sign up TODAY!)
  • CAC or User ID/Password for logon
  • Support for software-based PKI certificates.
– Will be expanded to support 2.5M (NIPR) and 300K (SIPR) users by March 2008
• Primary Benefits
– All users can create knowledge centers and post content to share information
– Provides personalized, user-defined, Web-based presentation that allows for secure access to enterprise services
– Allows users to efficiently and securely collaborate and share information
– Organizations can save $ by eliminating/avoiding costs to establish/sustain own local portal
• Primary Audience – COIs, DoD Capability developers, End users
Defense Knowledge Online (DKO)
How to get started
Defense Knowledge Online (DKO)
Demonstration
Collaboration
• Purpose
– Provide Web Conferencing, IM, Chat, file-sharing, and application-sharing capabilities
• Key Facts
– Two “Buttons”
– IBM Sametime (www.e-collabcenter.com)
  • Currently operational on NIPRNet and SIPRNet
  • Required Static Destination Ports:
    – Port 80 TCP – http web traffic
    – Port 443 TCP – https encrypted web traffic
– Adobe Connect/Jabber IM/Chat (www.dco.dod.mil)
  • Available for testing on NIPRNet and SIPRNet
  • Requires Flash Player, Ports 443 and 5222
• Primary Benefits
– Enables collaboration between DOD, homeland defense, intelligence, and coalition forces
– Enables migration from costly and complex domain-specific collaboration capabilities to an enterprise provided service
– Improves warfighter and employee productivity by facilitating seamless and secure communications across the enterprise
• Primary Audience – COIs, End users
Collaboration – Button 1
https://www.e-collabcenter.com
Collaboration – Button 2
https://www.dco.dod.mil
Button 2 Collaboration
Demonstration
DoD Metadata Registry (MDR)
https://metadata.dod.mil
• Purpose
– Provide an on-line repository which enables developers to reuse, understand, integrate with, and share existing data assets (metadata)
  • Targeting web services, databases, and vocabularies
– Provides a portal for developer access and web services for machine-to-machine access
• Key Facts
– Over 8,000 users and 180,000 assets registered
– Over 900 Programs of Record supported
– Serving the DoD, DHS, IC, NASA and NATO
– Hosted on NIPR, SIPR, and JWICS
– User driven via DoD Metadata Working Group and Feedback links on the portal
– Implements the ebXML standard for Metadata Registries
– Single Sign-On through DKO
• Primary Benefits
– Enables reuse and governance of data assets
– Foundation for other services; e.g. mediation
– Allows the COI data assets to exist after the COI disbands
• Primary Audience – COIs, DoD Capability developers
DoD Metadata Registry (MDR)
https://metadata.dod.mil
• Mission Area List
• Domain List
• COI List
• COI Links
new
DoD Metadata Registry (MDR)
Demonstration
DoD Discovery Metadata Specification (DDMS)
https://metadata.dod.mil/mdr/irs/DDMS
• Purpose
– Provides a uniform set of metadata to promote visibility of data assets across the Department of Defense.
• Key Facts
– Called out in DoDD 8320.02, “Data Sharing in a Net-Centric Department of Defense”
– Endorsed by E.O. 13388, “Further Strengthening The Sharing Of Terrorism Information To Protect Americans”
– Uses IC Information Security Markings (IC-ISM) for security markings on elements that may contain sensitive data.
– Used by Federated Search, Enterprise Catalog, DoD Metadata Registry, …
– Employed by numerous COIs to facilitate discovery of data assets across the DoD enterprise
– Adopted both within and outside of the DoD, including NATO, Canadian Dept. of Nat’l Defense, and DHS
– Extensibility supports specialized discovery requirements
• Primary Benefits
– Common vocabulary for discovery data
– Managed through the DoD Metadata Working Group
– Leverages well established standards (Dublin Core, GML, ISO 8601, …)
• Primary Audience – COIs, DoD Capability Developers, DoD Data Providers
Federated Search
https://search.nces.dod.mil/mse
• Purpose
– Provides a capability which allows users to discover information from disparate data sources with one query
• Key Facts
– Returns results from the DoD and IC instances of Google appliances, COIs, and the Enterprise Catalog
  • Exposes all types of information via DDMS; not limited to document-based content (DDMS v1.0/Fed Search v1.3)
  • Provides a translation layer from legacy, non-DDMS based search technologies
  • Work in progress for converged DNI and NCES spec
– Content Discovery SDK Package (refer to NCES Users Guide on DKO) provides overview to integrate with the Fed Search service
– Federated Search portlet enables integration of search with any user portal
– Integrates with the NCES Security services, NCES Service Registry, and NCES Messaging
– Allows local systems to determine access control for search results
• Primary Benefits
– Once logged in, can retrieve results from multiple data sources
– Can allow users to “discover” items in their native portal
– Enables Web services to be linked between multiple implementations (Search Aggregation)
– Supports searching both structured and unstructured data
• Primary Audience – COIs, DoD Capability developers, End users
Enterprise Catalog
https://search.nces.dod.mil/catalog
• Purpose
– Increase visibility for user content
  • Targeting documents and web sites
– Provide an index for information sources without cataloging capabilities
– Provides publish/remove operations to populate a data source with metadata
• Key Facts
– Content Discovery SDK Package (refer to NCES Users Guide on DKO) provides overview to integrate with the Enterprise Catalog service
– New UI available November 2007
– Leveraged by early adopters
  • TBMCS, C2 SSA, MDA
• Primary Benefits
– Expand the quantity and quality of information accessible to the enterprise.
– Reduce latency, increase reliability, and optimize network traffic to provide efficient delivery of information.
– Use standard, vendor-neutral specifications to leverage existing Community of Interest (COI) information repositories including Web servers, file servers, databases, indexes, content management systems, and other applications
• Primary Audience – COIs, DoD Capability developers, End users
Machine-to-Machine Messaging
• Purpose
– Promotes decoupling of information among producers and consumers
  • Asynchronous point-to-multi-point event notification using multiple messaging models (Publish/Subscribe/queuing/peer-to-peer)
    – Alerts, track updates, etc.
  • Producers do not have to keep track of consumers
  • Producers and consumers do not have to be continuously connected to network
• Key Facts
– Accessible through a web-based interface on the DKO portal
– Messages searchable through NCES Federated Search
• Primary Benefits
– Guaranteed Messaging allows subscribers to receive queued messages after reconnecting to the network
– Provides Client Configurable QoS parameters
  • Guaranteed messaging
  • Priority, time-to-live, persistence, etc.
– Supports Distributed, Federated GIG
  • Multiple message brokers/administrative domains
  • Application integration
  • Supporting Mediation/Orchestration
• Primary Audience – COIs, DoD Capability developers, End users
Service Discovery
https://service.nces.dod.mil/wasp/uddi/bsc/web
• Purpose
– Provides a services directory that enables users to publish and discover shared applications and services.
• Key Facts
– Currently operational on NIPRNet and SIPRNet
– Interacts with Service Security to streamline access
• Primary Benefits
– Promotes capability reuse
– Promotes service composition and orchestration
– Establishes basic service governance capabilities
• Primary Audience – COI, DoD Capability developers
NCES Service Registry
https://service.nces.dod.mil/wasp/uddi/bsc/web
Service Security
https://www.us.army.mil/suite/doc/9572662?inline=true
• Purpose
– Protects WEB services from unauthorized use
• Key Facts
– Currently operational on NIPRNet and SIPRNet
– Uses open standards to define the rules that secure and protect GIG services.
– Provides multi-attribute authorization and access control
– Provides a flexible architecture that PORs and COIs can employ within their enclaves
• Primary Benefits
– Ensure that shared information is only accessed by appropriate personnel, services and computers
• Primary Audience – COIs, DoD Capability developers
Notional NCES Security Architecture
[Figure. Components shown: Portal, Service Consumer, Agent, Provider, and NCES Security Services (Attribute Service, Robust Certificate Validation Service), connected by Request / Response flows.]
People Discovery and Attribute Service
• Provides the capability to identify and find White Pages (e.g. locator) information on people by leveraging the Joint Enterprise Directory Service (JEDS)
– Capability targeted to provide access to locator information contained in Defense Eligibility and Entitlement Reporting System (DEERS), the Global Directory Service (GDS), the four Service directories and other identity repositories about personnel and about all DOD CAC Card holders.
– Access to JEDS restricted to authorized personnel and services
– JEDS provides both a White Pages website and a Web Service Interface
  • White Pages via HTTPS
  • Application interface via LDAPS
  • Web Services interface via SOAP over HTTPS
– Web Service interface uses SAML Attribute Query/Response protocol
JEDS Implementation
[Figure: directory sources supplying attributes to JEDS, and the attribute sets JEDS exposes.]
Sources supplying attributes to JEDS: DEERS, Army EDS, DISANET, NMCI (Navy/MC) White Pages, Air Force Directory Services (AFDS), GDS, JPAS, Pentagon PAED, Others
Attribute Service Attributes:
– Last Name, First Name, Middle Initial, Generational Qualifier, Rank/Title, DoD Component, DoD Sub-Component, EDI-PI, Position, Mail, Citizenship, Personnel Type, Display PKI DN, Clearance/Controls
White Pages Attributes:
– Last Name, First Name, Middle Initial, Generational Qualifier, Rank/Title, DoD Component, DoD Sub-Component, EDI-PI, Position, Mail, Citizenship, Personnel Type, Display PKI DN, Clearance/Controls
– Other UID, SIPRnet email, SIPRnet Display Name, Office Phone, Secure Office Phone, Mobile Phone, Secure Mobile Phone, Fax, Secure Fax, IP Phone, Secure IP Phone, DSN Phone, DRSN Phone, User Certificate, Street Address, Mail Stop, Room Number, City, State, Country, Postal Code, Source DN, Publish Flag
– additional attributes per the JEDS Roadmap
Figure annotations: 13 per AD Naming Convention; 2 per the ICAS User Attribute Definitions
Access protocols shown: HTTPS, LDAPS; SAML/SOAP, HTTPS
Joint Enterprise Directory Services
https://jeds.gds.disa.mil/
NCES Techguide
http://metadata.dod.mil/mdr/ns/ces/techguide/
• Purpose
– Help promote understanding of the DoD Net-Centric Data Strategy as well as more effective use of NCES capabilities.
• Key Facts
– Helps provide background, goals and step-by-step procedures to become Data Strategy compliant
– Provides relevant use case scenarios often encountered throughout the DoD
– Content is provided in a logical structure for each role to quickly decipher and understand
– Linked to through disa.mil/nces and the Developers Community on DKO
• Primary Benefits
– Enable a program to achieve DoD Data Strategy Compliance via NCES Capabilities
• Primary Audience – Program Managers, Architects and Developers
Using NCES Capabilities
COI Data Exchange Development Perspective
• Collaboration
– Capability for collaborating among COI Members
  • Chat sessions
  • Member Forums
  • Virtual conferencing, etc.
• Defense Knowledge Online (DKO)
– Capability for creating sites for posting COI content
  • Meeting minutes
  • Status reports
  • Collaborative work-products, …
• DoD Metadata Registry
– Capability for making structural and semantic assets visible, accessible, and understandable and locating existing assets
  • Data exchange formats (XML Schemas)
  • Taxonomies/Ontologies (OWL Documents)
  • Assertion of relationships between concepts and assets
Using NCES Capabilities
COI Pilot Development Perspective
• Service Security
– Capability for protecting Web services produced by COI Pilot developers
  • Ensure access to services is authentic and authorized
• Machine-to-Machine Messaging
– Capability for publishing data for the purposes of machine consumption
  • Guaranteed messaging for high volume and rapidly changing data
• Federated Search & Enterprise Catalog
– Capability for advertising and searching for data assets
  • DDMS entries describing data assets such as Web pages and static content, …
  • Precision search capabilities for locating relevant data assets.
• DoD Metadata Registry
– Capability for making service interface specifications visible and accessible
  • Web service interface specifications (WSDL files)
• Service Registry
– Capability for making data access points visible
  • Access points for service offerings
  • References to interface descriptions
  • Service ownership information
Using the NCES Capabilities
Getting Started / Approaches for Data Exposure
• Acquire PKI and/or ECA certificates and NCES accounts
– Get the NCES User’s Guide
– Register on DKO
– Request access to the NCES Developer’s Community
OPTION 1
Expose an existing Web Server by opening it up to be crawled by the Google search engine. The enterprise Google search engine is a data provider to the Federated Search.
OPTION 2
Implement the Federated Search Interface and register it with the NCES Service Registry.
[Figure labels: Your Data Asset; Federated Search Service; NCES Service Registry (https://service.nces.dod.mil/wasp/uddi/bsc/web); Register endpoint]
OPTION 3
Implement a custom Web service.
- Register the endpoint in the NCES Service Registry.
- Register the WSDL and XML Schemas in the MDR.
[Figure labels: Your Data Asset; Custom Web Service; NCES Service Registry (https://service.nces.dod.mil/wasp/uddi/bsc/web); DoD Metadata Registry (http://metadata.dod.mil); WSDL; XML Schema; Register endpoint; Pointer to WSDL file; Register; DDMS; Enterprise Catalog]
Integration with NCES Services for COI Case Studies
[Figure relating NCES Core Enterprise Services (MDR, Enterprise Catalog, Federated Search, Security, Messaging, Service Registry) to Communities of Interest (C2 SSA, MDA, Strike, C2 Global Data Pilot).]
NCES Lessons Learned
• Posted to Developers Community on DKO
– Command and Control Space Situational Awareness (C2 SSA) COI
  • https://www.us.army.mil/suite/doc/7000110
– Maritime Domain Awareness Data Sharing COI
  • https://www.us.army.mil/suite/doc/7166679
– STRATCOM Global C2 Data Pilot
  • https://www.us.army.mil/suite/doc/7000580
• Please post additional lessons learned as they are identified
Additional NCES References
• NCES Public Site
– http://www.disa.mil/nces/
• NCES Users Guide
– http://www.disa.mil/nces/nces_user_guide.html
• NCES Developers Community (hosted on DKO)
– https://www.us.army.mil/suite/page/384284
• NCES Techguide
– http://metadata.dod.mil/mdr/ns/ces/techguide/
NCES URLs
• Defense Knowledge Online
– https://www.dko.dod.mil
• Collaboration
– E-CollabCenter: https://www.e-collabcenter.com
– Defense Connect Online: https://www.dco.dod.mil
• DoD Metadata Registry
– https://metadata.dod.mil
• DoD Discovery Metadata Specification
– https://metadata.dod.mil/mdr/irs/DDMS
• Federated Search
– https://search.nces.dod.mil/mse
• Enterprise Catalog
– https://search.nces.dod.mil/catalog
• Service Discovery
– https://service.nces.dod.mil/wasp/uddi/bsc/web
• Joint Enterprise Directory Service
– https://jeds.gds.disa.mil
NCES High-Level Schedule
FY06
• Deploy DKO-S – Jun
• Deploy Collaboration Button 1 NIPR – Aug
FY07
• DKO-N Joint user access – Jan
• Metadata Registry V6.0 – Feb
• Service Discovery Update – Feb
• Service Security Update – Feb
• Milestone B – Mar
• Content Discovery Centralized Search (SIPR) – Apr
• Release SOAF RFP – May
• Deploy ESM – May
• Converged DoD/DNI Federated Search Specification – Jun
• Award Collaboration Button 2 – Jun
• M2M Messaging Upgrade – Aug
• Deploy People Discovery & Attribute Service (SIPR) – Sep
• Federated Search (SIPR) – Sep
FY08
• Deploy People Discovery & Attribute Service (NIPR) – Nov
• Award SOAF – Nov
• Federated Search (NIPR) – Dec
• Milestone C – Mar
FY09
• Initial Operational Capability – Jan
• Scale Capabilities – Jan
• Transition Users/Sustain Capabilities – Jan
www.disa.mil
Federated Search Use Case
[Figure. NCES Enterprise Services (labelled "Enterprise Services – DECC Columbus" and "DECC Columbus & San Antonio"): NCES Fed Search Aggregator, NCES Enterprise Catalog, NCES Service Discovery, NCES Security Service, NCES Enterprise Services Management. External Applications, Services, and Data Sources: Community of Interest, Program of Record, IC Community. Legend: EC = Enterprise Catalog interface, FS = Federated Search interface, DS = Data Source, DS (Web Enabled).]
Flow shown for the user:
– User Logs into DOL Portal, DKO, or COI Application
– User Authorized by NCES Security Services
– User Submits Search Query
– Aggregated results returned
– Results viewed by user
Annotations:
– Fed Search Aggregator discovers data sources from Service Discovery
– Query is federated and results returned.
– COI, POR, C/S/A Data Sources populated from applications, databases, web content, etc.
– For immediate discoverability users may post metadata to the Enterprise Catalog
– Enterprise Web Content is crawled and indexed
Federated Search enables information sharing within and between COIs and PORs
Messaging Use Case
M2M Messaging
[Figure. NCES Messaging Service with Message Store (DECC Columbus & San Antonio); NCES Security Service; POR Database 1, POR Database 2, POR Database 3; Users. Legend: M = Messaging Interface.]
Flow shown:
– User Authorized by NCES Security Services
– User Logs into UDOP
– User Subscribes to Channel
– Update Published
– Receives update to subscribed Channel
– Information Displayed on UDOP
“Weather” Channels: A – 20854, B – 20374, C – 22209, D – 75201, E – 60601, F – 95101
Other figure labels: View Weather info; Updates
DKO Success Stories
USMC- Building and staging content today in DKO. Using targeted channel for C4 Planning Cell.
IASE- “… DKO has extended the capabilities of the information assurance (IA) community of interest."
JKDDC- For the first time, Joint users can use the Learning Management System (LMS). Only need a DKO account and Joint users can access their service training with Single Sign-On (SSO).
Why NCES?
[Figure: two panels comparing the “As-Is” and “To-Be” environments.]
– Pre-NCES OODA Loop (“As-Is” Environment): Stove-piped information = Large OODA Loop. Panel labels include Command & Control, Situational Awareness, Focused Logistics, Data, Force Protection, Mission Planning, and "Insufficient synchronous collaboration".
– Post NCES OODA Loop (“To-Be” Environment): Shared, accessible information = Small OODA Loop. Panel labels include Mission Planning, Situational Awareness, Logistics, Force Protection, Shared Space, and COI (repeated).
Labels common to both panels: NGA, DIA, NRO, NSA; Intelligence, Warfighter, Business; JTF HQ, COCOM; State, Maritime, Land, SoF, Air; Depots, Log Bases, TRANSCOM, Industry; Mission Areas: Battlespace Awareness, Force Application, Force Protection; Mission Areas: Focused Logistics; Mission Areas: Battlespace Awareness; Observe, Orient, Decide, Act
NCES creates a shared information space, increasing decision velocity
Today’s Challenges
• Substantial time and effort required to:
– Identify, aggregate, and coordinate information and deliver operational plans
– Identify and aggregate historical and event information from internal and external sources
• Sharing information to support dynamic situational awareness is difficult to attain and maintain in active combat operations
• Logistics, maintenance, and operational mission information is difficult and time consuming to correlate
• Asset visibility is difficult to achieve and maintain
NCES Benefits
• NCES will enable:
– Increased user access to accurate and relevant, automatically updated, information
– Decreased planning cycle times
– Rapid user access to local and enterprise information/intelligence sources
– Accurate and relevant information retrieval from local and enterprise sources
– Rapid exchange of information in support of shared situational awareness
– Global visibility on combat support information