Published: 13 November 2015

Chief Information Officer

IC Technical Specifications

CVE Encoding Specification for Role

Overview

This IC enterprise CVE encoding specification defines XML elements and attributes, associated structures and relationships, cardinality requirements, and permissible values for the role attribute as defined in the IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set (UIAS) Technical Specification.

This specification provides a set of values to characterize the entity’s (person or non-person) authorized position, job, or area of responsibility that ties membership to the function that the entity needs to perform the expected task.

This specification supports Executive Order (EO) 13526, Classified National Security Information which “prescribes a uniform system for classifying, safeguarding, and declassifying national security information”, across national security disciplines, networks, services, and data.

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.

This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).

Technical Specification Downloads

Latest Approved Public Release:

• CVE Encoding Specification for Role (V2021-NOV - Standalone Package)
• CVE Encoding Specification for Role (V2021-NOV - Standalone Package)
• CVE Encoding Specification for Role (V2021-NOV - Light Package)

Mission Requirements

This CES defines the Role CVEs and contains the approved namespaces and associated taxonomies for the Role attribute and the valid values for populating the components of a role. It provides a common encoding (e.g. common understanding) and foundation for the UIAS attribute role. It also describes the generic format and lexicon for the role attribute. This format and lexicon is used to create specific taxonomies for a given namespace.

Although useful in and of itself, the intended use of this specification is to be incorporated into other specifications, in particular UIAS. For this purpose, role is defined by the use of formal language known as ABNF (Augmented Backus-Naur Form). This specification defines rules that explicitly define the content of ABNF which are used to provide a formal description independent of any particular technology.

Published: 13 November 2015

Chief Information Officer

IC Technical Specifications

XML DES Encoding Specification for Analysis Assertion

Overview

This XML Data Encoding Specification for Analysis Assertion (ANLYS.XML) defines detailed implementation guidance for using XML to encode ANLYS data. This Data Encoding Specification (DES) defines the XML elements and attributes, associated structures and relationships, mandatory and cardinality requirements, and permissible values for representing ANLYS data assertion concepts using XML within the use of a Trusted Data Format (TDF) Object.

This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).

Technical Specification Downloads

Latest Approved Public Release:

• XML Data Encoding Specification for Analysis Assertion (V2021-NOV - Standalone Package)
• XML Data Encoding Specification for Analysis Assertion (V2021-NOV - Convenience Package)
• XML Data Encoding Specification for Analysis Assertion (V2021-NOV - Light Package)

Mission Requirements

This DES is designed to fulfill a number of requirements in support of the transformational efforts of the IC. These requirements include:

• The need to provide a way to capture analytical information such as analysis of digital hazardous materials or cross domain transfers.

Published: 13 November 2015

Chief Information Officer

IC Technical Specifications

IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set

Overview

IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set (UIAS) codifies the minimum set of enterprise-level authorization attributes that IC elements are expected to provide if they participate in the Intelligence Community Unified Authorization and Attribute Service (UAAS) architecture. It provides a common, consistent way to identify IC enterprise authorization attributes of IC persons produced by, stored within, or shared throughout the IC’s TS/SCI information domain. The name, definition, cardinality, and controlled vocabulary for each attribute are defined in order to promote interoperability between UAAS-compliant attribute services established by participating IC Agencies. The set of authorization attributes described in the specification is designed for implementation within products and servers that are capable of supporting the Encrypted Mode option of the OASIS SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems, Committee Specification 01.

This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Web Services Security Working Group (WSS WG).

Technical Specification Downloads

Latest Approved Public Release:

• IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set (V2021-NOV - Standalone Package)
• IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set (V2021-NOV - Convenience Package)
• IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set (V2021-NOV - Light Package)

Mission Requirements

IC Enterprise Attribute Exchange Between IC Attribute Services Unified Identity Attribute Set establishes detailed requirements for enterprise-level authorization attributes that IC elements are expected to provide if they participate in the Intelligence Community Unified Authorization and Attribute Service federation. Its function is to facilitate the availability, accuracy, and standardization of these attributes across the IC TS/SCI enterprise, building a consistent basis for the exchange of this information between IC Elements.

Defining the mandatory minimum set of IC enterprise authorization attributes and values for sharing through the IC UAAS federation supports consistent and assured information sharing across the enterprise. The IC UAAS supports Attribute-Based Access Control (ABAC) to promote on-demand access to information and other resources by IC users and services and reduces authorization vulnerabilities by strengthening the access control decision process.

The primary audience for this document is the implementer and/or administrator who must configure an Attribute Service to meet the requirements for participation in the IC UAAS federation. The audience for this document also includes those responsible for implementing and managing the capabilities that create, provide, modify, store, exchange, search, display, or further process IC enterprise authorization attributes. 

Published: 13 November 2015

Chief Information Officer

IC Technical Specifications

XML Data Encoding Specifications for Production Metrics Assertion

Overview

This XML Data Encoding Specification for Production Metrics Assertion (PMA.XML) defines detailed implementation guidance for using Extensible Markup Language (XML) to encode PMA data. This Data Encoding Specification (DES) defines the XML elements and attributes, associated structures and relationships, mandatory and cardinality requirements, and permissible values for representing PMA data assertion concepts using XML within the use of a Trusted Data Format (TDF) Object or Collection.

This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).

Technical Specification Downloads

Latest Approved Public Release:

• XML Data Encoding Specifications for Production Metrics Assertion (V2019-MARr2019-SEP - Standalone Package)
• XML Data Encoding Specifications for Production Metrics Assertion (V2019-MARr2019-SEP - Convenience Package)
• XML Data Encoding Specifications for Production Metrics Assertion (V2019-MARr2019-SEP - Light Package)

Mission Requirements

This DES is designed to fulfill a number of requirements in support of the transformational efforts of the IC. These requirements include:

• Capturing one or more Production Metrics where each of them captures the Actor (who), Subject (what), and optional Location (where) to provide intelligence producers the ability to more accurately track funding for DDII intelligence gathering.
• Capturing one or more Production Metrics where each of them captures the Actor (who), Subject (what), and optional Location (where) to enable intelligence producers to mark data in a way that improves DDII's ability to measure collected information.

Both enterprise needs and requirements for this specification can be found in the following policies and implementation guidance:

500 Series:

• Intelligence Community Directive (ICD) 500, Director Of National Intelligence Chief Information Officer
• ICD 501, Discovery and Dissemination or Retrieval of Information within the IC
• Intelligence Community Standard (ICS) 500-20, IC Enterprise Standards Compliance