Subscribe to ODNI news via emailSubscribe via RSStumblr offtwitter off 2Like ODNI on FacebookView ODNI photos on FlickrVisit ODNI’s YouTube Channelscribd off

Organization

CDR: Retrieve

Friday, October 05, 2012

Chief Information Officer

IC Technical Specifications

CDR Retrieve

Overview

This IC/DoD enterprise encoding specification defines requirements and provides guidelines for the realization of the Content Discovery and Retrieval (CDR) Retrieve Component as a web service using both the REST style and SOAP bindings, hereafter termed a Retrieve service. This component provides a common interface and behavioral model for IC and DoD content collections, enabling content consumers to retrieve relevant content resources from disparate collections across the IC/DoD Enterprise. The content of this specification describes a Retrieve service’s interface and other aspects in detail, providing enough information for Retrieve service providers and implementers to create CDR-compliant Retrieve services.

The Retrieve Component, as defined by the Intelligence Community/Department of Defense (IC/DoD) CDR Specification Framework, serves as a “pull” mechanism to access the information resource.

The REST Retrieve Component relies on mechanisms that are already well established in the internet infrastructure:
The SOAP Retrieve specification covers the following aspects of a SOAP-based Retrieve Component:
  • Service Interface defines the base SOAP constructs to expressing inputs, outputs, and faults
  • Implementation provides additional implementation guidance beyond the behavior and interface guidance
  • Reference Documentation provides references to other CDR and community artifacts (i.e., CDR Reference Architecture)
The Retrieve Component supports the retrieval for a specified resource from a Content Collection. The Retrieve Component, as defined, can only support returning a resource directly to the requestor. It cannot redirect output to a component other than the requestor. In addition, no special handling instructions (e.g., routing) may be specified.

This specification supports Intelligence Community Directive 501(ICD 501), Discovery, Dissemination or Retrieval of Information within the Intelligence Community, which establishes policies for (1) discovery, and (2) dissemination or retrieval of intelligence and intelligence-related information collected, or analysis produced by the Intelligence Community.

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package. This specification is maintained by the IC Chief Information Officer via the Services Coordination Activity (SCA) and Content Discovery and Retrieval Integrated Product Team (CDR IPT).


Value Proposition

This specification is designed to fulfill a number of requirements in support of the transformational efforts of the Intelligence Community and Department of Defense Enterprise(IC/DoD). Features of this specification are to:
  • Enable retrieval of an identified content resource from the Content Collection in which it is stored.
  • Initiate delivery of the retrieved resource to the requestor or to a designated alternate location using the Deliver Component.

Current Version



Previous Versions

 


IdAM: Full Service Directory

Friday, August 17, 2012

Chief Information Officer

IC Technical Specifications

IdAM: Full Service Directory

Overview


The Data Encoding Specification for the IC Full Service Directory Schema V1.0 codifies the set of Lightweight Directory Access Protocol (LDAP) attributes that IC elements are expected to provide when participating in the Intelligence Community Full Service Directory (IC FSD) architecture. The collection of attributes defined in the specification results in an overarching IC FSD Schema that is suitable for describing IC Entities within the TS/SCI environment. IC Entities may fall into the categories of an “IC Person” or “IC Non-Person Entity”, with the latter being used to define objects such as servers, devices, appliances, applications, and services that exist within the IC enterprise. The IC FSD Schema described in the specification is designed for implementation within LDAPv3-compliant directory servers.

Value Proposition

The Data Encoding Specification for the IC Full Service Directory Schema V1.0 defines detailed specifications for attributes that IC elements are expected to provide to the Intelligence Community Full Service Directory (IC FSD). Its function is to facilitate the availability, accuracy, and standardization of these attributes across the IC TS/SCI enterprise, building a consistent basis for capabilities including directory services, email functions, and attribute-based access control decisions. The specification defines:

  • IC-specific Schema and supporting objectClasses for IC Entities
  • Attributes, both standard and IC-defined, that must be managed by IC Elements
  • Controlled vocabulary for those attributes whose use requires standard values
  • Authentication requirements for the attributes
The primary audience for the specification includes those responsible for implementing and managing the capabilities that create, provide, modify, store, exchange, search, display, or further process IC FSD attributes.


Latest Approved Version

DoD Discovery Metadata

Friday, August 17, 2012

Chief Information Officer

IC Technical Specifications

DoD Discovery Metadata

Overview


This XML Data Encoding Specification for Intelligence Content Discovery and Retrieval (CDR) defines detailed implementation guidance for using result sets in service responses applicable to the IC and Department of Defense (DoD) and information produced by, stored, or shared within and between the IC and DoD. The Content Discovery and Retrieval (CDR) Search Component specifies the use of result sets in service responses. As the DoD Discovery Metadata Specification (DDMS) is the Intelligence Community (IC) and Department of Defense (DoD) standard representation for resource metadata, and the IC Information Resource Metadata (IRM) standard is a supplement to it, providing guidance on how to search for DDMS and IRM encoded data is important. This document provides implementation guidelines for the use of DDMS and IRM in query request expressions and query responses for the CDR Search Specifications.

This is the first release of the specification and therefore provides no backward capability.

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.

This specification is maintained by the IC Chief Information Officer via the Data Coordination Activity (DCA) and Content Discovery & Retrieval Integrated Project Team

Data Encoding Specification Downloads


Latest Approved Version


Previous Versions Currently Mandated in the Baseline [ER2 and DISR]


  • None

Mission Requirements


This specification is designed to fulfill a number of requirements in support of the transformational efforts of the Intelligence Community. Many of these requirements are articulated in IC Directives.

This specification includes design features capable of:

  • Use of result sets in service responses.
  • Provides guidance on how to search for DDMS and IRM encoded data.
  • Provides implementation guidelines for the use of DDMS and IRM in query request expressions and query responses for the CDR Search Specifications.
  • Defines joint vision and shared oversight between IC and DoD.
  • Outlines IC/DoD CDR IPT set of architecturally-driven standards and specifications that enable content discovery and retrieval of all IC and DoD data assets.
  • DoD Metadata Working Group
  • CDR Reference Architecture (CDR-RA)
  • Advises on how to search documents which follow the DDMS and IRM specifications.
  • Uses XPath as the notational convention.
  • Defines dependencies
  • Defines Version and XML Namespace Policies
  •  Provides info on running examples written in DDMS 5.0 to make work with DDMS 4.1 examples.

IdAM: Authorization Attribute Set

Friday, August 17, 2012

Chief Information Officer

IC Technical Specifications

IdAM: Authorization Attribute Set

Overview


The IC Enterprise Authorization Attribute Exchange between IC Attribute Services, Authorization Attribute Set v1.0 codifies the minimum set of enterprise-level authorization attributes that IC elements are expected to provide if they participate in the Intelligence Community Unified Authorization and Attribute Service (UAAS) architecture. It provides a common, consistent way to identify IC enterprise authorization attributes of IC persons produced by, stored within, or shared throughout the IC’s TS/SCI information domain.

The name, definition, cardinality, and controlled vocabulary for each attribute are defined in order to promote interoperability between UAAS-compliant attribute services established by participating IC Agencies. The set of authorization attributes described in the specification is designed for implementation within products and servers that are capable of supporting the Encrypted Mode option of the OASIS SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems, Committee Specification 01.

Value Proposition

IC Enterprise Authorization Attribute Exchange between IC Attribute Services, Authorization Attribute Set v1.0 establishes detailed requirements for enterprise-level authorization attributes that IC elements are expected to provide if they participate in the Intelligence Community Unified Authorization and Attribute Service federation. Its function is to facilitate the availability, accuracy, and standardization of these attributes across the IC TS/SCI enterprise, building a consistent basis for the exchange of this information between IC Elements.


Defining the mandatory minimum set of IC enterprise authorization attributes and values for sharing through the IC UAAS federation supports consistent and assured information sharing across the enterprise. The IC UAAS supports Attribute-Based Access Control (ABAC) to promote on-demand access to information and other resources by IC users and services, and reduces authorization vulnerabilities by strengthening the access control decision process.


The primary audience for this document is the implementer and/or administrator who must configure an Attribute Service to meet the requirements for participation in the IC UAAS federation. The audience for this document also includes those responsible for implementing and managing the capabilities that create, provide, modify, store, exchange, search, display, or further process IC enterprise authorization attributes.


Latest Approved Version

CDR: Manage Component

Friday, August 17, 2012

Chief Information Officer

IC Technical Specifications

CDR: Manage Component (Manage Service)

Overview


This IC enterprise service encoding specification defines requirements and provides guidance for the realization of the Content Discovery and Retrieval (CDR) Manage Component (Manage Service) as a RESTful web service and as a web service using the SOAP style binding.  The Manage Component, as defined by the IC DoD CDR Specification Framework (CDR-SF), serves as the primary mechanism to manage CDR resources, where a CDR resource is defined as one explicitly created and used to support CDR functions.

The content of this specification describes the Manage Service's behavior, interface and other aspects in detail, providing enough information for Manage Service providers and consumers to create and use CDR-conformant Manage Services.  Specific uses of the Manage Service, such as to create, read, update, delete, and search for Saved Searches, will be elaborated as profiles in the corresponding documents for those uses.

This standard supports Executive Order (EO) 13526, Classified National Security Information which "prescribes a uniform system for classifying, safeguarding, and declassifying national security information," across national security disciplines, networks, services, and data.

 Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.

The IC Chief Information Officer maintains this specification via the Data Coordination Activity (DCA) and Common Metadata Standards Tiger Team (CMSTT).

 

Technical Specification Downloads


Latest Approved Version


Mission Requirements

The Manage Service provides a coordinated set of functions that enables service consumers to create, read, update, delete, and search for instances of any defined type of CDR resources.  The CDR resource type corresponding to specific uses of Manage is associated with a Uniform Resource Identifier (URI), where the Web-accessible resource accessed through that URI will identify the structure and semantics of the CDR resource type designed for that use (i.e., Query Management (QM) defines the Saved Search type as the CDR resource relevant to that use).
 

For all uses, The CDR resource description comprises the characteristic description metadata that aids in the discovery of CDR resource instances.  Some of this description will be generated as part of the resource creation or update, while other description data will be supplied by someone with responsibility for the resource.  It is anticipated that a basic description vocabulary appropriate for any CDR resource will contain a general set of properties while the description vocabulary associated with a particular resource type will add additional properties.  The ability to save and retrieve resource instances over time will require implementers to adopt a persistence mechanism, which this document refers to as a CDR Resource Collection.

You are leaving DNI.gov

You have selected to open
http://www.anotherwebsite.com

If you would like to not see this alert again, please click the
"Do not show me this again" check box below