Subscribe to ODNI news via emailSubscribe via RSStumblr offtwitter off 2Like ODNI on FacebookView ODNI photos on FlickrVisit ODNI’s YouTube Channelscribd off

Organization

RR: Security Markings

Chief Information Officer

IC CIO Enterprise Integration & Architecture

REST Service Encoding Specification for Security Markings
  

Overview  

   
This technical specification defines the syntax, protocol and conventions for applying security metadata or notices to a request or a response message conveyed using the Hypertext Transfer Protocol (HTTP).


Adding security metadata and notices to messages provides the capability to route and filter messages based on classification and other security markings. By processing security metadata such as portion markings and tearlines, access control points have the ability to filter data based on the formal authorization credentials of authenticated users.


This specification provides guidance for the implementation of applying such metadata to messages using HTTP or REpresentational State Transfer (REST)-based services.

Current Version


Previous Version



RR: End-to-End Identity Propagation

Chief Information Officer

IC CIO Enterprise Integration & Architecture

REST Service Encoding Specification for Identity Propagation

Overview

This technical specification applies to non-SOAP-based web services over HTTP and provides guidance for REST-based services in an environment that does not utilize a Security Token Service (STS).


(U) This specification provides a mechanism to track a sequence of requestor identifier(s), from the initiating requestor to the final called service, providing "end-to-end" visibility of the requestor(s) in the transaction sequence.


The solution provided by this specification provides a mechanism for conveying identity in an interoperable manner. The specification does not by itself provide integrity, confidentiality or non-repudiation of the requestor identity or identities over the service chain. This specification will, however, address how these security goals can be accomplished by using this specification in combination with other security mechanisms.

Current Version



CDR: Keyword Query Language

Chief Information Officer

IC CIO Enterprise Integration & Architecture

Enterprise Audit

CDR: Keyword Query Languange

Overview

This document defines a keyword query language for use with Content Discovery & Retrieval (CDR) Search Component implementations. A keyword, in the context of a basic search, is one of the strings used to find matching content resources. It was popularized during the early days of search engine development, as it was not possible to send natural language queries to those search engines and find the desired sites. Searches typically gave the best results if only a few keywords were chosen and searched for. These keywords attempted to capture the essence of the topic in question on the basis that the keywords were likely to be present on all sites listed by the search engine.


This specification defines a common syntax, providing enough information for Search Service providers and consumers to create and use CDR-conformant Keyword Query Language Search Services.


This specification supports Intelligence Community Directive 501(ICD 501), Discovery, Dissemination or Retrieval of Information within the Intelligence Community, which establishes policies for (1) discovery, and (2) dissemination or retrieval of intelligence and intelligence-related information collected, or analysis produced by the Intelligence Community.

CDR: Query Management Downloads

Trusted Data Format

Chief Information Officer

IC CIO Enterprise Integration & Architecture

Trusted Data Format

XML Data Encoding Specification for Trusted Data Format

This XML Data Encoding Specification for Trusted Data Format(IC-TDF.XML) defines detailed implementation guidance for using Extensible Markup Language (XML) to encode IC-TDF data.
 
Information sharing within the national intelligence enterprise will increasingly rely on information assurance metadata (including enterprise data headers) to allow interagency access control, automated exchanges, and appropriate protection of shared intelligence. A structured, verifiable representation of security metadata bound to the intelligence data is required in order for the enterprise to become inherently "smarter" about the information flowing in and around it. Such a representation, when implemented with other data formats, improved user interfaces, and data processing utilities, can provide part of a larger, robust information assurance infrastructure capable of automating some of the management and exchange decisions today being performed by human beings.

The Intelligence Community (IC) has standardized the various classification and control markings established for information sharing within the Information Security Markings (ISM), Need-To-Know (NTK), Information Resource Metadata (IRM), Enterprise Data Header (EDH), and Access Rights and Handling (ARH) XML specifications of the Intelligence Community Enterprise Architecture (ICEA) Data Standards. The IC Trusted Data Format XML specification further expands on this body of work, adapting and extending it as necessary for TDF to function as the IC submission format for binding assertion metadata with data resource(s). This TDF functionality supports the IC way ahead strategy of implementing secure cloud-based information exchange and discovery on the IC Enterprise

This specification applies to the IC, as defined by the National Security Act of 1947, as amended; and such other elements of any other department or agency as may be designated by the President, or designated jointly by the Director of National Intelligence (DNI) and the head of the department or agency concerned, as an element of the IC. Joint and Coalition forces may use this specification but it is not required.

Data Encoding Specification Downloads


Current Version:


Previous Version:

CDR: Retrieve

Chief Information Officer

IC CIO Enterprise Integration & Architecture

CDR Retrieve

Overview

This IC/DoD enterprise encoding specification defines requirements and provides guidelines for the realization of the Content Discovery and Retrieval (CDR) Retrieve Component as a web service using both the REST style and SOAP bindings, hereafter termed a Retrieve service. This component provides a common interface and behavioral model for IC and DoD content collections, enabling content consumers to retrieve relevant content resources from disparate collections across the IC/DoD Enterprise. The content of this specification describes a Retrieve service’s interface and other aspects in detail, providing enough information for Retrieve service providers and implementers to create CDR-compliant Retrieve services.

The Retrieve Component, as defined by the Intelligence Community/Department of Defense (IC/DoD) CDR Specification Framework, serves as a “pull” mechanism to access the information resource.

The REST Retrieve Component relies on mechanisms that are already well established in the internet infrastructure:
The SOAP Retrieve specification covers the following aspects of a SOAP-based Retrieve Component:
  • Service Interface defines the base SOAP constructs to expressing inputs, outputs, and faults
  • Implementation provides additional implementation guidance beyond the behavior and interface guidance
  • Reference Documentation provides references to other CDR and community artifacts (i.e., CDR Reference Architecture)
The Retrieve Component supports the retrieval for a specified resource from a Content Collection. The Retrieve Component, as defined, can only support returning a resource directly to the requestor. It cannot redirect output to a component other than the requestor. In addition, no special handling instructions (e.g., routing) may be specified.

This specification supports Intelligence Community Directive 501(ICD 501), Discovery, Dissemination or Retrieval of Information within the Intelligence Community, which establishes policies for (1) discovery, and (2) dissemination or retrieval of intelligence and intelligence-related information collected, or analysis produced by the Intelligence Community.

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package. This specification is maintained by the IC Chief Information Officer via the Services Coordination Activity (SCA) and Content Discovery and Retrieval Integrated Product Team (CDR IPT).


Value Proposition

This specification is designed to fulfill a number of requirements in support of the transformational efforts of the Intelligence Community and Department of Defense Enterprise(IC/DoD). Features of this specification are to:
  • Enable retrieval of an identified content resource from the Content Collection in which it is stored.
  • Initiate delivery of the retrieved resource to the requestor or to a designated alternate location using the Deliver Component.

Current Version



Previous Versions

 


You are leaving DNI.gov

You have selected to open
http://www.anotherwebsite.com

If you would like to not see this alert again, please click the
"Do not show me this again" check box below