
Organization

Access Rights and Handling

Tuesday, April 23, 2013

Chief Information Officer

IC CIO Enterprise Integration & Architecture

Access Rights and Handling

Overview

This XML Data Encoding Specification for Access Rights and Handling (ARH.XML) defines detailed implementation guidance for using Extensible Markup Language (XML) to encode ARH data.

Information sharing within the national intelligence enterprise will increasingly rely on information assurance metadata (including enterprise data headers) to allow interagency access control, automated exchanges, and appropriate protection of shared intelligence. A structured, verifiable representation of security metadata bound to the intelligence data is required in order for the enterprise to become inherently "smarter" about the information flowing in and around it. Such a representation, when implemented with other data formats, improved user interfaces, and data processing utilities, can provide part of a larger, robust information assurance infrastructure capable of automating some of the management and exchange decisions today being performed by human beings.

 
The Intelligence Community (IC) has standardized the various classification and control markings established for information sharing within the Information Security Markings (ISM) and Need-To-Know (NTK) XML specifications of the Intelligence Community Enterprise Architecture (ICEA) Data Standards. The IC Access Requirements and Handling XML specification combines elements of the ISM and NTK specifications and extends them to access rights management and handling needs.

Current Version



Previous Version



IC-Enterprise Data Header

Tuesday, April 23, 2013

Chief Information Officer

IC CIO Enterprise Integration & Architecture

IC-Enterprise Data Header

Overview

This XML Data Encoding Specification for Enterprise Data Header (EDH.XML) defines detailed implementation guidance for using Extensible Markup Language (XML) to encode EDH data.
 

Information sharing within the national intelligence enterprise will increasingly rely on information assurance metadata (including enterprise data headers) to allow interagency access control, automated exchanges, and appropriate protection of shared intelligence. A structured, verifiable representation of security metadata bound to the intelligence data is required in order for the enterprise to become inherently "smarter" about the information flowing in and around it. Such a representation, when implemented with other data formats, improved user interfaces, and data processing utilities, can provide part of a larger, robust information assurance infrastructure capable of automating some of the management and exchange decisions today being performed by human beings.


The Intelligence Community (IC) has standardized the various classification and control markings established for information sharing within the Information Security Markings (ISM), Need-To-Know (NTK), and Access Rights and Handling (ARH) XML specifications of the Intelligence Community Enterprise Architecture (ICEA) Data Standards. The IC Enterprise Data Header XML specification further expands on this body of work, adapting and extending it as necessary to meet mission-unique needs. By specifying a data object's header information required for exchange on the IC Enterprise, EDH ensures a secure method of information sharing and discovery, supporting use cases such as the IC Cloud.

Current Version


Previous Version



ITS - Organization Messaging

Tuesday, April 23, 2013

Chief Information Officer

IC CIO Enterprise Integration & Architecture

Information Transport Service Organizational Messaging


Overview

This XML Data Encoding Specification for Information Transport Service Organizational Messaging (ITS/OM) defines detailed implementation guidance for using Extensible Markup Language (XML) to encode ITS/OM data. The ITS/OM provides the Intelligence Community (IC) with a common set of services, architectural infrastructure, operating environment, and maintenance support to seamlessly transport information across IC-unique domains and, via cross-domain systems, to other domains such as the DOD and other U.S. government agencies.

The creation of this XML standard provides a common programming schema for the IC messaging community. The extensive and consistent use of XML will improve data discovery, data sharing, and system interoperability.

Current Version

  • XML Data Encoding Specification for Information Transport Service Organization Messaging V3 (ITS-OM.XML.V3) 10 Apr 13


Previous Version



RR: Security Markings

Tuesday, April 23, 2013

Chief Information Officer

IC CIO Enterprise Integration & Architecture

REST Service Encoding Specification for Security Markings
  

Overview  

   
This technical specification defines the syntax, protocol and conventions for applying security metadata or notices to a request or a response message conveyed using the Hypertext Transfer Protocol (HTTP).


Adding security metadata and notices to messages provides the capability to route and filter messages based on classification and other security markings. By processing security metadata such as portion markings and tearlines, access control points have the ability to filter data based on the formal authorization credentials of authenticated users.


This specification provides guidance for applying such metadata to messages using HTTP or REpresentational State Transfer (REST)-based services.

Current Version


Previous Version



RR: End-to-End Identity Propagation

Tuesday, April 23, 2013

Chief Information Officer

IC CIO Enterprise Integration & Architecture

REST Service Encoding Specification for Identity Propagation

Overview

This technical specification applies to non-SOAP-based web services over HTTP and provides guidance for REST-based services in an environment that does not utilize a Security Token Service (STS).


(U) This specification provides a mechanism to track a sequence of requestor identifier(s), from the initiating requestor to the final called service, providing "end-to-end" visibility of the requestor(s) in the transaction sequence.


This specification provides a mechanism for conveying identity in an interoperable manner. The specification does not by itself provide integrity, confidentiality or non-repudiation of the requestor identity or identities over the service chain. This specification will, however, address how these security goals can be accomplished by using this specification in combination with other security mechanisms.

Current Version


