Protection and the Control of Information Sharing in Multics
Information Sharing and Protection
-
Upload
oxford-internet-institute -
Category
Technology
-
view
2.137 -
download
4
description
Transcript of Information Sharing and Protection
The Need for Achieving Appropriate Information Sharing
and Information Protection
The Need for Achieving Appropriate Information Sharing
and Information Protection
1
David A. Bray, PhD, MSPH [email protected]
What is the ISE?What is the ISE?
1. What is the ISE?
2. Post-9/11 Information Sharing
3. Towards Information Sharing and Protection
4. On-going ISE Development Efforts
2
What is the ISE?What is the ISE?
3
Information Sharing Environment (ISE) spans • Federal, State, Local, and Tribal Agencies; • Private Sector; and • International Allies
Information Sharing Environment (ISE) spans • Federal, State, Local, and Tribal Agencies; • Private Sector; and • International Allies
DefenseDefense
IntelligenceIntelligence
Homeland Security Homeland Security
DiplomacyDiplomacy
Law EnforcementLaw Enforcement
Range of Missions
Com
mun
itie
s
Information Sharing
Environment
Terrorism-relatedTerrorism-related
Frontline
•Investigators•Analysts•Operators
What is the ISE?What is the ISE?
• Established: ◦ Post-9/11 Commission Reforms w/ the Intelligence
Reform and Terrorism Prevention Act of 2004
• Purpose: ◦ Align and leverage policies, processes, technologies,
and systems
◦ Promote timely, actionable, relevant information sharing re: counter-terrorism, WMD, and homeland security
◦ Protect information, privacy, and civil liberties
4
Post-9/11 Information SharingPost-9/11 Information Sharing
5
•300+ million people•50 States•3,000+ counties•500+ Federally recognized Indian Tribes
•18,000+ Law Enforcement Organizations
•1 million+ security personnel
U.S. law provides for a reasonable expectation of privacy for all U.S. persons.
Post-9/11 Information SharingPost-9/11 Information Sharing
6
2004 2006 - 2008
2005
• Global Justice (GLOBAL) Fusion Center Guidelines
• President approves recommendations submitted pursuant to 2005 Guidelines Memorandum
• The “Implementing Recommendations of the 9/11 Act”
• Transfer of the President’s authorities in IRTPA to the PMISE.
• President issues the National Strategy for Information Sharing
• President issues Memorandum standardizing sensitive but unclassified information – Controlled Unclassified Information (CUI)
• GAO reviews the Information Sharing Environment
• Baseline Capabilities for Fusion Centers Issued
• Nationwide SAR Initiative (NSI) pilot project launched by PM-ISE with DOJ, FBI, and DHS
• PM-ISE Opens
• EO 13388 further strengthening the sharing of terrorism information to protect Americans, Establishes an interagency Information Sharing Council to advise the President
• Presidential guidelines and requirements in support of the terrorism Information Sharing Environment
• DOJ and DHS sign NIEM Memorandum of Understanding
• 9/11 Commission Report
• EO 13354 creates National Counterterrorism Center
• EO 13356 strengthens terrorism information sharing (revoked by EO 13388)
• IRTPA establishes calls for an Information Sharing Environment ; creates PM-ISE
2010
• Attorney General opens a Program Office for the Nationwide SAR Initiative
• SBU Interoperability project launched
• President appoints new Program Manager
• White House Issues FY12 ISE Programmatic Guidance
• EO 13549 establishes a uniform Classified National Security Program to facilitate sharing of classified information with SLTPS entities
• EO 13556 establishes a uniform program for managing unclassified information that requires safeguarding or dissemination controls (CUI)
• PM launches dialogue for updating National ISE Strategy
• Fusion Center Baseline Capabilities Nationwide Assessment Complete
2009
• EOP reaffirms need to enhance national security through an ISE
• National Security Staff organized to include Senior Director for Information Sharing
• Information Sharing & Access IPC Created
• White House Issues FY11 ISE Programmatic Guidance
• SAR Functional Standard updated
• NSI Pilot completed; plans for nationwide implementation
• Attorney General and DHS Secretary issue recommendations on CUI
Mission Partners Build and
Operate the ISE
7
2007 2008 2009 2010 2011...
ISE
Pri
ori
ties
Controlled Unclassified Information (CUI)
Interagency Threat Assessment and Coordination Group (ITACG)
Nationwide SAR Initiative (NSI)
NARA
NCTC
DOJ
Fusion Center (FC)DHS
Cargo Screening
Assured SBU/CUI Interoperability
Assured Secret Network Interoperability
DHS
DoJ, ODNI, DHS, FBI
FBI, ODNI, DHS, DOD
Post-9/11 Information SharingPost-9/11 Information Sharing
Towards Sharing and ProtectingTowards Sharing and Protecting
“… There is also a clear connection between cybersecurity and information sharing. The same technology that will help improve information sharing is a critical part of protecting…”
“… Regular, automated compliance and behavior audits will not only protect privacy and make possible authorized use of information, they will greatly enhance the government’s ability to monitor misuse of its information networks…”
8
-Markle Foundation, “Nation At Risk: Policy Makers Need Better Information to Protect the Country”
Towards Sharing and ProtectingTowards Sharing and Protecting
Protection and Sharing Represent Two Sides of the Same Coin
9
Towards Sharing and ProtectingTowards Sharing and Protecting
• Provide information sharing and protection mechanisms to ISE participants
• Ensure protection of privacy, civil liberties, and sensitive information appropriately
• Support authentication, authorization, and access control processes to discover data and services on all networks
• Enable access control policies to be managed and enforced at the enterprise level, to include audits that both inform protection and sharing trends
10
On-going ISE Development Efforts On-going ISE Development Efforts
11
• Building a National Integrated Network of Fusion Centers
• Continuing Implementation of the Nationwide SAR Initiative
• Establishing SBU/CUI Network Interoperability
• Improving governance of the classified National Security Information Program
• Advancing Implementation of CUI Policy
• Aspirations:
Achieve loosely coupled and interoperable enterprise-level applications and services, appropriately protecting privacy and sensitive information
12
On-going ISE Development Efforts On-going ISE Development Efforts
• Achieve interoperability across the Enterprise Architectures of agencies across Federal, State, and Local levels of government
• Empower agencies to reuse standardized information exchange components to achieve appropriate sharing and protection of information
13
On-going ISE Development Efforts On-going ISE Development Efforts
14
On-going ISE Development Efforts On-going ISE Development Efforts
Requirements Across Departments and
Agencies
Interagency Information Integration Architecture
and Governance
Service Specifications, Including Reusable
Components and IEPDs
Contracted for Development by Industry
or Government
Reuse by Other Departments and
Agencies
Build, Test, and Certify Services, Reusable
Components, and IEPDs
Greater Reuse Across Government of Services, Components, and IEPDs Greater Demand Signal to Industry to Develop Standard Interagency Services
Questions?
David A. Bray, PhD, MSPH [email protected]
15
www.ise.govwww.ise.gov
Sign up for EmailAlerts to get the latest on:• National ISE Strategy• ISE Activities• Blogs and News