Top Community Contributors
Enterprise Architect User Group: London 2017
Written by DT_Sam
RepoDoc, a call for testing
Written by ArchimetesRead more...
- We are Profiling EA Users
Managing a student project with Enterprise Architect - Part 4
Written by doug rosenberg
- CIO Review's 20 Most Promising BPM Solution Providers 2017
- Sparx Systems Pro Cloud Server - Coming Soon
- SD Times - How UML makes a DevOps-driven digital transformation possible
Use C#, Java, for your VB Scripting
Written by Helmut Ortmann
Security - A Shared Concern
In July 2016, Sparx Systems attended the Australian National Security Summit as a key sponsor. What struck one about this conference, was the chorus of concern from the speakers, for collaboration and integration. In every presentation the shared concern was for the ability for different people in the same or geographically dispersed locations, to share information. Joining the dots, so as to be able to identify patterns or connections, in what appear as isolated or unrelated events that could present a threat to security.
In his presentation, 'Asia Pacific to 2025 - Challenges and Opportunities' Peter White from the Australian Department of Infrastructure and Regional Development, emphasised that to maintain aviation security in our region there was a “need to work collectively and cooperatively with regional partners”. Detective Inspector Glyn Lewis, National Coordinator Cyber Crime Operations, from the Australian Federal Police spoke of “collaborating with our international law enforcement partners” in his presentation 'Tackling the challenge of Cyber Crime in an ever changing landscape'.
In the same month, at a meeting of the North Atlantic Council in Warsaw, participating Heads of State and Government committed to enhance resilience, in facing “a broader and evolving range of military and non-military security challenges.” The statement went on to say, that being resilient against these challenges requires Allies “to work across the whole of government and with the private sector.” Resilience also requires that the Alliance continues “to engage, as appropriate with international bodies particularly the European Union, and with partners.”
In the international security network today, the message to increase collaboration and integration for information sharing is consistent. The Information Sharing Environment (ISE) was established by the United States Intelligence Reform and Terrorism Prevention Act of 2004 and provides analysts, operators, and investigators with the information needed, to enhance national security.
In 2001, a handful of organizations, collectively known as the Global Justice Information Sharing Initiative, started to create a seamless, interoperable model for data exchange to overcome the challenges of exchanging information, across state and city government boundaries. The first pre-release of the Global Justice XML Data Model (GJXDM), a foundational predecessor and building block of NIEM, was announced in April 2003. Parallel to the GJXDM effort, the U.S. Department of Homeland Security (DHS) began working on standards for metadata and these efforts by the justice and homeland security communities, led to the beginnings of the National Information Exchange Model (NIEM).
National Information Exchange Model
NIEM was formally initiated in April 2005 by Department of Homeland Security and Department of Justice, uniting key stakeholders from federal, state, local, and tribal governments, to develop and deploy a national model for information sharing and the organizational structure to govern it. A standards-based approach to exchanging information, NIEM enables communication between systems, even if they have never communicated before, while ensuring that information is well understood and carries the same consistent meaning, across various communities supporting interoperability.
NIEM standardizes the semantics describing the data, so that the underlying information is exchanged between jurisdictions seamlessly, accurately and – when fully implemented – without delay.
For example, databases in one American state may refer to a person in jail as a prisoner, while another refers to someone in identical circumstances as an inmate. If the federal government wants to query databases in both states to ask if a particular person is in jail, all three need to agree on identical, standardized language. NIEM enables individual agencies and sectoral domains to map their language, to the terminology set out in the NIEM standards.
Joining the Dots for a Clearer Picture
In the poem by John Godfrey Saxe , six visually impaired men provide their individual descriptions of an elephant by touching the animal. In their conclusions “each was partly in the right And all were in the wrong.” The message of the story is that when not coordinated, the investigations of a system components and the relationships between them, prevents shared understanding of the overall picture, which can lead to serious misinterpretations, based on a lack of information.
The brilliance of the standards creation effort is, that while standards codify best practices, for the benefit of all stakeholders, they also reduce or eliminate those differences between individual stakeholders, that would hold them in silos and place them collectively at a competitive disadvantage. In the context of collaboration and integration, security standards eliminate the weak linkages in the chain.
The ISE SAR Functional Standard exemplifies this value proposition. It supports improved information sharing and safeguarding capability, enabling community members to better plan and execute initiatives.
Suspicious Activity Reporting (SAR) is a common police procedure for recording observations from patrol shifts. The different personnel capturing the information, varied locations, formats and definitions has raised the question as to how best to use the data. How will different people in the same or different locations join the dots, to identify patterns or connections in what appear as isolated or unrelated events?
In the past, Local, State and Federal systems were not designed to interoperate. In fact, in some states, it was illegal to share information with the federal government. Incompatible computer systems compounded the siloed nature of information. Most people are familiar with the stories of emergency vehicles turning up at the wrong address due to incompatibility between the databases of different local authorities.
Communities of Interest
The Nationwide SAR Initiative (NSI) is a partnership among state, local, tribal, and federal agencies, including the Bureau of Justice Assistance, Office of Justice Programs, U.S. Department Of Justice (DOJ); the Program Manager for the Information Sharing Environment; the U.S. Department of Homeland Security; the Federal Bureau of Investigation’s eGuardian; the Global Justice Information Sharing Initiative; and the U.S. Department of Defense.
The Major Cities Chiefs Association (MCCA), the Major County Sheriffs’ Association, the National Sheriffs’ Association, and the International Association of Chiefs of Police (IACP) all unanimously support the SAR (Suspicious Activity Report). This is what is called a NIEM Community of Interest (CoI). These NIEM domains each have an executive steward, to officially manage and govern a portion of the NIEM data model.
With the development of XML, departments were able to exchange information legally while maintaining their own legacy systems naming conventions and exchange information using a metadata dictionary. For instance, agreeing to use the term “car” instead of automobile or vehicle, allowed different entities to share information without changing their own departmental language.
Over the last decade, the NIEM (National Information Exchange Model has become a significant new resource for information sharing. In 2007 the various stakeholders in different departments got together to discuss how to standardise information sharing and in due course, defined the elements of the SAR Information Exchange Package Documentation or IEPD. 16,000 data elements from various sources were collected analyzed and reduced to around 2,000 unique data elements which were incorporated into about 300 reusable components, resulting in the Global Justice XML Data Dictionary (Global JXDD). The Global JXDD components were accessible from multiple sources and resulted in increased interoperability, throughout different justice and public safety information systems.
Using the JXDD would define the terms that would be used to compose a SAR, wherever it was used. In 2008, the office of the Program Manager for the Information Sharing Environment issued the ISE SAR Functional Standard codifying the SAR IEPD.
Painting the Picture
The IEPD is a data dictionary that allows agencies to validate data exchanged in reports or queries. It provides a clearly defined path for the development of an exchange model and a reusable basis for any new system to join the same exchange. When speaking about how the SAR IEPD enabled agencies to connect unrelated events, Los Angeles Police Department Commander Joan T. McNamara commented, “This paints an amazing picture in real time.”
Non-experts can develop NIEM-conformant messages if required and watch officers, analysts, and scientists can read and interpret those messages, even if they are sent machine-to-machine.
Sparx Systems Support for NIEM
The NIEM-specific UML profile – which enables data exchanges to be modeled in tools like Sparx Systems Enterprise Architect – was released by the OMG in 2013. A recorded webinar (March 2016) which examining the benefits of using Enterprise Architect to model and define information sharing using the NIEM standard, is available on YouTube videos from Sparx Systems and can be viewed here:
Sparx Systems Enterprise Architect supports the representation of the NIEM as a Unified Modeling Language (UML) profile, providing the ability for users to automatically produce NIEM-conformant XML schema. The MDG Technology for NIEM facilitates the creation and development of IEPD models, by providing starter models, model patterns and a number of toolboxes, for creating IEPD models and schema models.
All of the NIEM specifications and naming rules are written into the NIEM-UML profile now built in in Enterprise Architect. The challenge of building a NIEM exchange for an organization is now simplified and automated, enabling architects and developers to finish sooner with a smaller budget and better quality assurance.
Complete IEPDs can be generated from IEPD models and NIEM conformant schemas from information models. NIEM Reference Schema can be imported into the model and NIEM subset namespaces, composed from elements of the NIEM Reference Schemas can be created along with PIM, PSM and Model Package Description (MPD) diagrams, using the NIEM Toolbox pages. By using the Schema Composer, subsets of the NIEM -core reference schema can be easily created, eliminating time consuming human error.
Sparx Systems Enterprise Architect is featured on the NIEM Tools Catalog.
Any business can benefit, from the solid foundation that standardization brings. The development of new technologies and opportunities, to share and enhance existing practices, are just two of the many benefits, to be derived. Furthermore the economies introduced by standardization dramatically reduce tooling and process duplication while increasing the competency of the work force while the efficiency and effectiveness of standards can ultimately save lives.
However, for enduring economic health and prosperity, the adoption of standards that support interoperability between business partners, is essential. In recent history there has never been a period of standards development like that which we are currently experiencing. Communication circles the globe in a click while global competition is on our doorstep 24x7 and legislation-driven change is creating a tsunami of disruption and opportunity where standards offer navigation and increased survivability.
Interoperability,- that is, the ability to transfer and use information in a uniform and efficient manner across multiple organizations and information technology systems- underpins the level of benefits accruing to enterprises, government and the wider economy through e-commerce. To enable two information systems to interoperate, they have to be implemented based upon a mutually agreed set of specifications covering both the business aspects (e.g. how the business activities of one party interact with those of its business partners, what the legal consequences of such interactions are, what information needs to be sent from one party to another, the semantics behind the exchanged information, etc.) and the technical aspects (e.g. what protocol and message format should be used to send information from one party to another).
Successful communication has traditionally been effected by laborious and error prone processes. It takes the “dedicated” quite some time, to gain a degree of familiarity with the dense and interconnected style in which XML schema specification is written. Most people simply cannot afford such a luxury. Meanwhile on the receiving end the user finds it very difficult to decide whether the error is in their schema/instance or a bug in their processor.
In the standards area the Schema Composer in EA 12 represents a key enabling technology. Standards and frameworks such as NIEM and SWIFT provide the grammar to communicate between organisations and at low level, this requires a common information model. The Schema Composer allows an organisation to quickly create XML files in XSD which specifies how to formally describe the elements in an XML document. This description can be used to verify that each item of content in a document adheres to the description of the element in which the content is to be placed, enabling propagation of data between different organisations. With these types of data interchange you want to be able to define various interchanges that support communication of details from sub-sections of your broader schema. For example, as a vehicle manufacturer you may want a data interchange with a parts supplier which involves a different data interchange that you would have to a retailer selling your models. These can involve different data sets, with specific data types, from the same overall schema.
For more information or to evaluate the Schema Composer please visit www.sparxsystems.com and download a copy of Enterprise Architect version 12
Enterprise Architect User Group
Sparx Systems hosted the 2015 Canberra Enterprise Architect User Group in April 2015. The User Group included a number of presentations from partners located across Australia, Asia and the US.
Chris Armstrong from the Armstrong Process Group presented on the National Information Exchange Model. His presentation also included a live demonstration that helped show how easy it is to build a schema using Enterprise Architect 12.
APG's mission is to "Align information technology and systems engineering capabilities with business strategy using proven, practical processes delivering world-class results.”
Sparx Systems invites you to the upcoming live event,
Enterprise Architect User Group - Canberra, April 2015
We invite you to the Sparx Systems Canberra User Group meeting to be held on Wednesday 15 April 2015. This meeting will introduce Enterprise Architect 12, NIEM, TOGAF and discuss aspects of the North American Market. The meeting will be held at the Auditorium in the Australian National Botanic Gardens from 3.00pm to 6.00pm.
Please book early as seats are limited. Refreshments will be provided.
This event will also feature the following Guest Speakers:
- Chris Armstrong, CEO of Armstrong Process Group (APG) presenting on TOGAF and NIEM
- Wally McLaughlin, Sales Director from APG will discuss the use of Enterprise Architect in North America
- Veritec will be presenting on how Enterprise Architect is being used at the Department of Finance
- OMNILINK will present on how Enterprise Architect is being used to improve software applications
- Scott Hebbard, Communications Manager at Sparx Systems, will provide an overview of Enterprise Architect 12
- Vish Viswanathan, Managing Principal of CC&C Solutions will discuss TOGAF and how to "go all the way with EA" to help customers
|Sparx Systems invites you to the webinar,|
Introducing Enterprise Architect 11
Enterprise Architect 11 will be a ground breaking, major release of Sparx Systems' award-winning modeling platform. With so many exciting enhancements in version 11, we want you to see why this release makes your modeling more productive than ever!
Join Tom O'Reilly and Ben Constable from Sparx Systems as they preview the release highlights:
- New tools that help business analysts work faster.
- Enhanced analysis and design tools for software and systems engineers.
- Cloud-based model deployment, superior diagramming, new and updated profiles and more.
Two live sessions will be conducted to accommodate attendees in different time zones on the 15th and 16th of April.
We invite you to register now: