Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
NIEM's value expanding beyond law enforcement data sharing
Wednesday - 9/21/2011, 5:39am EDT
The Agriculture Department has a standard language to share information about orange juice production. The Homeland Security Department is developing a lexicon for cybersecurity.
Both of these agencies, along with several others, are using the same tool to create their common vocabulary to make information sharing easier.
The National Information Exchange Model (NIEM) is quickly becoming as valuable to other industry sectors as to the law enforcement agencies the Justice Department initially developed it for.
"NIEM is a standards framework or a standards process," said Kshemendra Paul, the program manager for the Information Sharing Environment, in an interview with Federal News Radio. "We work with standards organization so they can use NIEM to create standards."
DoJ first developed NIEM in 2005, building on its work with the Global Justice XML Data Model. The initial goal for NIEM was to harmonize counterterrorism information, automate the sharing of the data and develop common tools that can easily be reused.
Doing it better
Soon, other industries, from health care and agriculture to cybersecurity, found NIEM's concepts helpful, Paul said.
Now many agencies and countries are using NIEM widely.
"I was in Mexico City in July, and on July 14 Mexico, Canada and the U.S. signed a memorandum of understanding around information sharing and information exchange," Paul said. The goal is to share best practices and do some trilateral projects where the focus is NIEM adoption. There is great excitement by the federal chief information officers of Canada and Mexico around what we are doing in sharing best practices."
As part of that MOU, the three countries will establish two working groups focusing on sharing public health and public safety information.
Paul said the countries still are working out the pilots, but he said they likely will focus around sharing information in case of an influenza pandemic.
"The sharing of information already is going on, but the idea is through standardization we can do it better and in a more broad-based way," he said. "The other is public safety where we will share information on stolen vehicles."
Paul said the pilots should be launched this fall with initial results coming in late winter or early spring 2012.
Mexico and Arizona are also already using NIEM based standards to share health information.
"This is not about new money or new efforts," Paul said. "This is about bottom-up work we really pride ourselves on. This is working through our network of stakeholders and identifying existing activities. At the Department of Health and Human Services, there are a lot of activities and we are working closely with them."
A 'CIO-type thing'
The Suspicious Activity Reporting (SAR) standard was the first one based on NIEM, and the one furthest along.
Paul said Canada plans to pilot SAR with its Mounted Police, provincial police and metropolitan police.
"Canada using it is quite interesting and points out good work we've done around privacy," he said. "When we started this conversation with Canada — their interest in this area was well over a year ago — while no one said this, the feeling was 'Don't you all shred privacy in the U.S.?' No one said that, it was a very respectful conversation. But where we are today they want to pilot this in Canada, and they see we built the frameworks to support privacy to such an extent they can pilot it and tune those frameworks to meet their own laws, customs and how they want to do business north of the border."
Paul added the working group pilots will make it easier for U.S., Canadian and Mexican government agencies to meet their missions, and show the value of NIEM in other areas beyond counter-terrorism.
"The adoption of NIEM by Canada and Mexico is not focused on counterterrorism, it's focused more broadly," he said. "This is a CIO-type thing where they are looking at sharing best practices for information sharing and information integration."
Paul said NIEM's use is expanding. The Object Management Group owns the standard for the Universal Modeling Language and wants to express NIEM standards as a UML profile.
"UML is lingua franca for software development and information management," he said. "It's a billion-dollar tools industry and a billion dollar middleware industry that is all based on UML. So that would allow folks who want to use NIEM to use UML tools which are really any software development tool, any architecture tool and any information management tool. That would drive adoption and drive further value generation. It's great to see the participation by industry in this there is a lot of industry demand for this."