Subscribe to ODNI news via emailSubscribe via RSStumblr offtwitter off 2Like ODNI on FacebookView ODNI photos on FlickrVisit ODNI’s YouTube Channelscribd off

Organization

CDR: Keyword Query Language

Tuesday, April 23, 2013

Chief Information Officer

IC CIO Enterprise Integration & Architecture

Enterprise Audit

CDR: Keyword Query Languange

Overview

This document defines a keyword query language for use with Content Discovery & Retrieval (CDR) Search Component implementations. A keyword, in the context of a basic search, is one of the strings used to find matching content resources. It was popularized during the early days of search engine development, as it was not possible to send natural language queries to those search engines and find the desired sites. Searches typically gave the best results if only a few keywords were chosen and searched for. These keywords attempted to capture the essence of the topic in question on the basis that the keywords were likely to be present on all sites listed by the search engine.


This specification defines a common syntax, providing enough information for Search Service providers and consumers to create and use CDR-conformant Keyword Query Language Search Services.


This specification supports Intelligence Community Directive 501(ICD 501), Discovery, Dissemination or Retrieval of Information within the Intelligence Community, which establishes policies for (1) discovery, and (2) dissemination or retrieval of intelligence and intelligence-related information collected, or analysis produced by the Intelligence Community.

CDR: Query Management Downloads

Trusted Data Format

Wednesday, October 17, 2012

Chief Information Officer

IC CIO Enterprise Integration & Architecture

Trusted Data Format

XML Data Encoding Specification for Trusted Data Format

This XML Data Encoding Specification for Trusted Data Format(IC-TDF.XML) defines detailed implementation guidance for using Extensible Markup Language (XML) to encode IC-TDF data.
 
Information sharing within the national intelligence enterprise will increasingly rely on information assurance metadata (including enterprise data headers) to allow interagency access control, automated exchanges, and appropriate protection of shared intelligence. A structured, verifiable representation of security metadata bound to the intelligence data is required in order for the enterprise to become inherently "smarter" about the information flowing in and around it. Such a representation, when implemented with other data formats, improved user interfaces, and data processing utilities, can provide part of a larger, robust information assurance infrastructure capable of automating some of the management and exchange decisions today being performed by human beings.

The Intelligence Community (IC) has standardized the various classification and control markings established for information sharing within the Information Security Markings (ISM), Need-To-Know (NTK), Information Resource Metadata (IRM), Enterprise Data Header (EDH), and Access Rights and Handling (ARH) XML specifications of the Intelligence Community Enterprise Architecture (ICEA) Data Standards. The IC Trusted Data Format XML specification further expands on this body of work, adapting and extending it as necessary for TDF to function as the IC submission format for binding assertion metadata with data resource(s). This TDF functionality supports the IC way ahead strategy of implementing secure cloud-based information exchange and discovery on the IC Enterprise

This specification applies to the IC, as defined by the National Security Act of 1947, as amended; and such other elements of any other department or agency as may be designated by the President, or designated jointly by the Director of National Intelligence (DNI) and the head of the department or agency concerned, as an element of the IC. Joint and Coalition forces may use this specification but it is not required.

Data Encoding Specification Downloads


Current Version:


Previous Version:

CDR: Retrieve

Friday, October 05, 2012

Chief Information Officer

IC CIO Enterprise Integration & Architecture

CDR Retrieve

Overview

This IC/DoD enterprise encoding specification defines requirements and provides guidelines for the realization of the Content Discovery and Retrieval (CDR) Retrieve Component as a web service using both the REST style and SOAP bindings, hereafter termed a Retrieve service. This component provides a common interface and behavioral model for IC and DoD content collections, enabling content consumers to retrieve relevant content resources from disparate collections across the IC/DoD Enterprise. The content of this specification describes a Retrieve service’s interface and other aspects in detail, providing enough information for Retrieve service providers and implementers to create CDR-compliant Retrieve services.

The Retrieve Component, as defined by the Intelligence Community/Department of Defense (IC/DoD) CDR Specification Framework, serves as a “pull” mechanism to access the information resource.

The REST Retrieve Component relies on mechanisms that are already well established in the internet infrastructure:
The SOAP Retrieve specification covers the following aspects of a SOAP-based Retrieve Component:
  • Service Interface defines the base SOAP constructs to expressing inputs, outputs, and faults
  • Implementation provides additional implementation guidance beyond the behavior and interface guidance
  • Reference Documentation provides references to other CDR and community artifacts (i.e., CDR Reference Architecture)
The Retrieve Component supports the retrieval for a specified resource from a Content Collection. The Retrieve Component, as defined, can only support returning a resource directly to the requestor. It cannot redirect output to a component other than the requestor. In addition, no special handling instructions (e.g., routing) may be specified.

This specification supports Intelligence Community Directive 501(ICD 501), Discovery, Dissemination or Retrieval of Information within the Intelligence Community, which establishes policies for (1) discovery, and (2) dissemination or retrieval of intelligence and intelligence-related information collected, or analysis produced by the Intelligence Community.

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package. This specification is maintained by the IC Chief Information Officer via the Services Coordination Activity (SCA) and Content Discovery and Retrieval Integrated Product Team (CDR IPT).


Value Proposition

This specification is designed to fulfill a number of requirements in support of the transformational efforts of the Intelligence Community and Department of Defense Enterprise(IC/DoD). Features of this specification are to:
  • Enable retrieval of an identified content resource from the Content Collection in which it is stored.
  • Initiate delivery of the retrieved resource to the requestor or to a designated alternate location using the Deliver Component.

Current Version



Previous Versions

 


IdAM: Full Service Directory

Friday, August 17, 2012

Chief Information Officer

IC CIO Enterprise Integration & Architecture

IdAM: Full Service Directory

Overview

The Data Encoding Specification for the IC Full Service Directory Schema V1.0 codifies the set of Lightweight Directory Access Protocol (LDAP) attributes that IC elements are expected to provide when participating in the Intelligence Community Full Service Directory (IC FSD) architecture. The collection of attributes defined in the specification results in an overarching IC FSD Schema that is suitable for describing IC Entities within the TS/SCI environment. IC Entities may fall into the categories of an “IC Person” or “IC Non-Person Entity”, with the latter being used to define objects such as servers, devices, appliances, applications, and services that exist within the IC enterprise. The IC FSD Schema described in the specification is designed for implementation within LDAPv3-compliant directory servers.

Value Proposition

The Data Encoding Specification for the IC Full Service Directory Schema V1.0 defines detailed specifications for attributes that IC elements are expected to provide to the Intelligence Community Full Service Directory (IC FSD). Its function is to facilitate the availability, accuracy, and standardization of these attributes across the IC TS/SCI enterprise, building a consistent basis for capabilities including directory services, email functions, and attribute-based access control decisions. The specification defines:

  • IC-specific Schema and supporting objectClasses for IC Entities
  • Attributes, both standard and IC-defined, that must be managed by IC Elements
  • Controlled vocabulary for those attributes whose use requires standard values
  • Authentication requirements for the attributes
The primary audience for the specification includes those responsible for implementing and managing the capabilities that create, provide, modify, store, exchange, search, display, or further process IC FSD attributes.


Latest Approved Version

IdAM: Authorization Attribute Set

Friday, August 17, 2012

Chief Information Officer

IC CIO Enterprise Integration & Architecture

IdAM: Authorization Attribute Set

Overview

The IC Enterprise Authorization Attribute Exchange between IC Attribute Services, Authorization Attribute Set v1.0 codifies the minimum set of enterprise-level authorization attributes that IC elements are expected to provide if they participate in the Intelligence Community Unified Authorization and Attribute Service (UAAS) architecture. It provides a common, consistent way to identify IC enterprise authorization attributes of IC persons produced by, stored within, or shared throughout the IC’s TS/SCI information domain.

The name, definition, cardinality, and controlled vocabulary for each attribute are defined in order to promote interoperability between UAAS-compliant attribute services established by participating IC Agencies. The set of authorization attributes described in the specification is designed for implementation within products and servers that are capable of supporting the Encrypted Mode option of the OASIS SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems, Committee Specification 01.

Value Proposition

IC Enterprise Authorization Attribute Exchange between IC Attribute Services, Authorization Attribute Set v1.0 establishes detailed requirements for enterprise-level authorization attributes that IC elements are expected to provide if they participate in the Intelligence Community Unified Authorization and Attribute Service federation. Its function is to facilitate the availability, accuracy, and standardization of these attributes across the IC TS/SCI enterprise, building a consistent basis for the exchange of this information between IC Elements.


Defining the mandatory minimum set of IC enterprise authorization attributes and values for sharing through the IC UAAS federation supports consistent and assured information sharing across the enterprise. The IC UAAS supports Attribute-Based Access Control (ABAC) to promote on-demand access to information and other resources by IC users and services, and reduces authorization vulnerabilities by strengthening the access control decision process.


The primary audience for this document is the implementer and/or administrator who must configure an Attribute Service to meet the requirements for participation in the IC UAAS federation. The audience for this document also includes those responsible for implementing and managing the capabilities that create, provide, modify, store, exchange, search, display, or further process IC enterprise authorization attributes.


Latest Approved Version

Previous Version

You are leaving DNI.gov

You have selected to open
http://www.anotherwebsite.com

If you would like to not see this alert again, please click the
"Do not show me this again" check box below