NIEM Newsletter
GFIPM—A Passport for Information Sharing
Achieving information sharing objectives requires that partners establish wide-scale electronic trust among the caretakers of critical information and those who need and are authorized to use that information. The information is sensitive—inappropriate sharing is just as dangerous as lack of sharing. Enter the new and rapidly maturing technology called federated identity. Federated identity allows a user's roles, rights, and privileges to be communicated securely in the justice community and, in particular, to those who hold the information required to effectively safeguard our nation.
The Global Federated Identity and Privilege Management (GFIPM) framework provides the justice community and partner organizations with a standards-based approach for implementing federated identity. The concept of globally understood metadata across federation systems is essential to GFIPM interoperability. Just as a common Extensible Markup Language (XML) data model was the key to data interoperability, a standard set of XML elements and attributes about a federation user's identities, privileges, and authentication can be universally communicated. The GFIPM metadata and framework support the following three major interoperability areas of security in the federation:
- Identification/Authentication—Who are the end users and how were they authenticated?
- Privilege Management—What certifications, clearances, job functions, local privileges, and organizational affiliations are associated with end users that can serve as the basis for authorization decisions?
- Audit—What information is needed or required for the purposes of auditing systems, systems access and use, and legal compliance of data practices?
The GFIPM metadata specification is being used in a limited pilot capacity today. Lessons learned and feedback from this pilot were incorporated into the public release of the GFIPM metadata specification.
Building a Federation for Secure and Trusted Information Sharing
"Federation" is a fundamental concept in this framework. The federation provides a standardized means for allowing agencies to directly provide services for trusted users that they do not directly manage. A federation is defined as a "group of two or more trusted partners with business and technical agreements that allow a user from one federation partner (participating agency A) to seamlessly access information resources from another federation partner (participating agency B) in a secure and trustworthy manner." Major organizational participants in a federation vet and maintain information on the users they manage, and each federation partner retains control over the business rules for granting access to the sensitive information it owns. The federation partners establish the electronic trust needed to securely access information by sending standards-based electronic credentials to federation partner information service(s). The federation partner information service(s) evaluate the trusted electronic credential to determine whether to grant or deny access to the requested service or information.
A similar business model exists in passport processing. A federation of governmental agencies has agreed to vet and maintain information on its citizens as a prerequisite for issuing a passport. Border agents will grant or deny access to enter or leave the country based on evaluation of a passport—a trusted credential issued by a federation partner asserting identity and citizenship of a particular country. The country (federation partner) providing the service to enter or exit the country applies its own business rules based on the passport information and other attributes known at the time of the request.
GFIPM can be thought of as a method for generating a "passport" for information sharing—only those having the right passport can view data in the federated system, and all federated partners define what passports are necessary to view the data in their care.
Global Advisory Committee Recommendation
Over the last several years, federated identity deployments have grown, matured, and expanded in depth and breadth across multiple industries. As the standards have matured, more organizations have become aware of the compelling business case for building federated communities. As such, a critical objective of the Global Security Working Group (GSWG) for GFIPM is to ensure compatibility by collaborating with other key ongoing projects that cross domain boundaries, such as the National Information Exchange Model (NIEM), the Office of the Director of National Intelligence, and the Law Enforcement Information Sharing Program.
At the start of the GFIPM project, it was decided that the GFIPM metadata model would leverage the NIEM content and architectural framework. Given the work and success of the NIEM data modeling efforts, it is logical to leverage and reuse these specifications in describing the GFIPM metadata. The advantage of leveraging the NIEM specification is that it inherently makes the GFIPM metadata model immediately more applicable to other domains and systems, rather than focused only on criminal justice users and systems.
GFIPM metadata leverages the NIEM data modeling standard as the base vocabulary and naming and design rules in the data modeling effort for describing the conceptual model and building the associated schemas. However, neither GJXDM nor NIEM currently includes the concept of a federated user or a federated entity; therefore, these concepts must be defined here. It is expected that the GFIPM metadata defined as part of this effort will be reconciled and potentially added to NIEM in the future.
Federated identity is part of the GSWG’s vision for promoting secure, nationwide information sharing. To this end, the Global Advisory Committee has adopted the following GSWG recommendations on behalf of the Attorney General’s Global Justice Information Sharing Initiative:
- Recognize GFIPM as the recommended approach for development of interoperable security functions for authentication and privilege management for information access and exchange among cross-domain justice information sharing systems.
- Adopt the GFIPM: A Global Concept Activities and Progress Report as a recommended resource for next steps and activities to further the utility of GFIPM for the justice community.
- Urge the members of the justice community to consider GFIPM as a potential building block to a layered security solution when authenticating users among cross-domain organizations.
GFIPM Initiative
The GFIPM initiative is supported through the Office of Justice Programs, Bureau of Justice Assistance (BJA); National Institute of Justice (NIJ); and the U.S. Department of Homeland Security (DHS). The GSWG provides oversight for this initiative. For more information about GFIPM, visit http://www.it.ojp.gov/default.aspx?area=nationalInitiatives&page=1179.
**The 2009 NIEM National Training Event will feature a presentation titled "Global Federated Identity and Privilege Management (GFIPM) Case Studies" at 4:15 p.m. on Wednesday, September 30, 2009.**
NIEM 2.1 Beta Release Is Available!
The much-anticipated National Information Exchange Model (NIEM) Version 2.1 will have 35 percent more content! A Beta release is now available for public review and comment. The final production release is planned to take place prior to the 2009 NIEM National Training Event being held from September 30 to October 2, 2009, in Baltimore, Maryland.
What Can You Do?
The entire NIEM community of developers, implementers, practitioners, and supporting executives has an opportunity to help review and provide feedback at the Release-Candidate stage, to ensure that it meets the needs of the entire community. Interested parties should participate to help ensure the quality and reusability of the Release Candidate. If you have any questions, please contact the National Information Sharing Standards Help Desk at nisshelp@ijis.org.
2009 NIEM National Training Event
Register Today for the NIEM National Training Event
Registration for the 2009 NIEM National Training Event is available online, via fax, and by mail. Please visit the event site for access to all available information on this event, including online registration, track descriptions, and hotel information. If you have any questions about the 2009 NIEM National Training Event, please send an e-mail to information@niem.gov.
The Tools to Make IT More Agile and Cost-Efficient!
The 2009 NIEM National Training Event, the definitive conference on the National Information Exchange Model (NIEM) and information sharing, is expected to draw more than 600 IT professionals from around the United States. The event will be held at the Hilton Baltimore in Baltimore, Maryland, from September 30 to October 2, 2009.
Vinton G. Cerf, widely known as one of the "fathers of the Internet," will be opening the event. Vint has been known to call NIEM "the IP protocol for data." The speakers represent a variety of domains, including justice, public safety, homeland security, health and human services, maritime, courts, and corrections. The agenda offers plenary and workshop sessions that will examine programs and strategies being implemented by federal, state, tribal, and local governments to address some of the most urgent information sharing issues confronting communities around the country. This training event—designed for program managers, enterprise architects, and implementers—includes sessions on how organizations have shown cost avoidance using NIEM and tools you can use to show value and determine the ROI for your organization. We will have stories from projects that report more than $1 million of IT savings using NIEM.
Learn first-hand from other IT professionals how they have developed and implemented Information Exchange Data Packages (IEPDs) and NIEM. For the first time, the offering includes an entire track on NIEM implementation using LEXS, ULEXS, or UCORE. There will be public sessions with the three NIEM governance groups: the NIEM Technical Architecture Committee, the NIEM Business Architecture Committee, and the NIEM Communications and Outreach Committee. And based on popular demand, we have added sessions such as "Ask the Expert: LEXS, ULEXS, and UCORE" with Jeremy Warren, Chief Technology Officer of U.S. DOJ, and Boris Shur, Chief Data Architect of U.S. DOJ.
Registration for the 2009 NIEM National Training Event is available online, via fax, and by mail. Please visit the event Web site for access to all available information on this event, including online registration, track descriptions, and hotel information. If you have any questions on the 2009 NIEM National Training Event, please send an e-mail to information@niem.gov.
We encourage you to forward this NIEM Newsletter to a friend or colleague with a vested interest in federal, state, or local government information sharing. We look forward to seeing you on September 30.
2009 NIEM National Training Event Presentation Spotlight
The 2009 NIEM National Training Event will feature presentations by some of the foremost NIEM experts in the country. Below is just a small sampling of the high-caliber presentations you can expect to see at the event:
Using the Global Justice Reference Architecture (JRA) and NIEM to Develop Services
Sam Ali, IJIS Institute; Iveta Topalova, Analysts International Corporation (AIC); Jim Douglas, SEARCH
This panel will describe how the Global Justice Reference Architecture (JRA) leverages NIEM to create services. The session begins with a brief explanation of the purpose and scope of the JRA and how it uses NIEM. This will be followed by an introduction to the JRA Guideline for Identifying and Designing Services and the JRA Service Specification Package (SSP) that together provide a "blueprint" for the development of a service. The Services Task Team Reference Service Specification Development Project will be used to illustrate how these products are applied and what lessons have been learned. This project is funded through the Bureau of Justice Assistance (BJA), U.S. Department of Justice and is a collaborative effort between the major technical assistance providers for the JRA: The National Center for State Courts, SEARCH, the IJIS Institute, and IIR.
Implementing NIEM as a Canonical Model for Information Sharing at DHS/USCIS
Hector Alicea, HLA & Associates, LLC on behalf of DHS USCIS
This presentation describes two NIEM-based Enterprise Services within U.S. Citizenship and Immigration Service’s (USCIS) SOA. These services use a NIEM-based domain model as the canonical view of data for the services. The first, the Person Centric Query (PCQ) Service, enables submitting a single query for an immigrant’s transactions across DHS and Department of State systems. The output is a consolidated and correlated view of the immigrant’s past interactions with the government. The second, the Lockbox Intake Service (LIS), serves as the single point of connection for the Lockbox Service Provider (JP Morgan Chase) to submit processed electronic benefit applications to USCIS.
Join NIEM on LinkedIn
Join the NIEM group on LinkedIn and gain access to lively discussions and event updates. If you already have a profile on LinkedIn, simply search for NIEM and request to join the group.
Follow NIEM on Twitter
Follow NIEM updates on @NIEM_training and @NIEMExecDir.
NIEM Training News and Events
Upcoming Events and Training
A NIEM Practical Implementer's Course was held June 30 through July 2, 2009, in Topeka, Kansas. This session was hosted by the state of Kansas, Department of Administration and was attended by 16 students. Course participants included representatives from the Kansas Attorney General's Office, the Kansas Juvenile Justice Authority, the Kansas Department of Transportation, Kansas Social and Rehabilitation Services, the Kansas Department of Corrections, the Kansas Information Technology Office, and the Kansas Legislature. The combination of various state agencies provided the setting for an engaging and informative training session. The instructors for this training engagement were Di Graski of the National Center for State Courts and Chuck Allen of HRInterop. The class was well-received based on the student evaluations.
NIEM Practical Implementer's Courses are funded through grants from the Bureau of Justice Assistance, U.S. Department of Justice, in cooperation with the U.S. Department of Homeland Security. For more information about the NIEM Technology Training Program, contact training@ijis.org.
- August 25–27, 2009: NIEM Practical Implementers Training Course, Oklahoma Supreme Court, Oklahoma City, Oklahoma
- NIEM National Training Event, Baltimore, Maryland. Register today!
