© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use DHS Interagency Targeting Architecture - Services Discovery & Recommendations

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Government agency co-sponsors for this project: – U.S. Coast Guard, –Customs & Border Protection, and –Immigration & Customs Enforcement, ■Under executive management by their Senior Guidance Team –DHS Program Manager: ■ Susan J. Henry ■ USCG Information Sharing Executive Agent ■ U.S. Coast Guard Headquarters ■ ■ (202) office Introduction Page 2

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DHS Interagency Targeting Architecture (ITA) - Services Discovery & Recommendations –Project Overview & Objective –DHS Maritime Targeting and Screening Components (DMTC) –DMTC Composition and Missions –Project Objectives –Project Approach –Observations and Recommendations –DMTC Service Context –CBP SOA –USCG SOA –DMTC Service Provisioning –Next Steps Agenda Page 3

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■SAFE Port Act (2006) mandated Inter-Agency Operations Centers (IOCs) ■DHS Maritime Targeting and Screening Components (DMTC) primary members include CBP, USCIS (ICE), and USCG ■Ongoing work includes: –People screening & targeting ■ Exchange of personnel & data between CBP & CG national centers. –Cargo screening & targeting ■ Joint Automated Commercial Environment Pilot ■ Directed by SGT in 2009; late 2011 pilot in Charleston. –Vessel Screening & Targeting –Joint Targeting Architecture Project ■ Requirements documentation to support efforts listed above, & to recommend shared services. Project Overview & Objective Page 4

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use DHS Maritime Targeting and Screening Components (DMTC) Page 5

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DMTC Primary roles: –CBP: Cargo screening & targeting –U.S.C.G: Vessel Screening & Targeting –ICE: People Screening & Targeting ■Integrated mission operations in Interagency Operations Centers (IOCs) DMTC Roles Page 6

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Objectives –improve integration of intelligence and operational targeting processes across partner agencies – serve as a reference to system planners and developers –assist in the develop an integrated targeting architecture –identify performance requirements for any shared services which may be derived from the architecture assessment, and recommended for future DHS or USCG capital investment ■Deliverables –Provide internal/external stakeholder visibility into ITA processes via architectural artifacts –DoD Architecture Framework (DoDAF) artifacts: ■ As-is Ovs, As-is SVs, To-be OVs ■Recommendations: ■ Align specified DMTC Business Functions to supporting system functions for translation into DHS services. Project Objectives, Deliverables & Recommendations Page 7

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Documented Current State (AS-IS) Operational Processes –Core processes for: ■ Cargo manifesting and entry ■ Crew and passenger entry ■ Vessel and container safety, security –Operational responses to various targeting stimuli –Organizational Structure ■Documented Current State Systems ■Proposed Future State (TO-BE) Operational Processes –Interagency Operations Center (IOC) at USCG Sector locations ■Assessed and derived Recommended Business Functions into Services Project Approach Page 8

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DMTC activities described through five operational response scenarios –Importation of counterfeit materials/merchandise –Stowaways –Narcotics –Certain dangerous cargo –Low-grade nuclear materials ■Core entry and targeting processes documented in Scenario “0” –Standard manifest and entry filings and targeting that occur for every cargo importation transaction –Standard advanced notice of arrival filings and targeting for passengers and crew –Standard notifications of vessel arrival and associated targeting Project Approach Scenario Basis Page 9

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Operational Views document the need of information to flow between nodes/roles ■Nodes/roles are based in the organizations ■Each needline has one or more information exchanges (IE) ■IEs can be shown in time-order ■IEs are mapped to interfaces between systems – each interface can support multiple IEs ■Each interface is detailed based on the data it carries Project Approach DoDAF Models Page 10

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Service discovery based on DMTC Business function definitions: –ITA Team developed hybrid OV-3 to SV-6 ‘bridge’ matrix –The catalog of Information Exchanges (IEs) from ‘bridge’ matrix include System sources and sinks ■Systems include DMTC ‘organic’ and legacy ■Legacy systems support major DMTC capabilities –Lack of available technical documentation –Systems research: ■ Used DMTC information where possible ■ Reliance on public sources for legacy systems –Research into these source Systems was detailed to define Business Processes (BPs) –BPs were aligned to IEs: Summarized & Ranked ■Identified candidate Services based on frequency of use Project Approach Page 11

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Investigated and documented shared service opportunities ■Assessed potential solutions for feasibility and affordability ■Align specified DMTC Business Functions to supporting system functions for translation into DHS services. ■Implement Organizational actions to facilitate service development as per DHS and DMTC policy ■Develop services and publish to DHS/DMTC Service Catalogs Page 12 Observations & Recommendations

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DHS SOA Policy provides framework for DMTC Service Recommendations ■Align to DHS SOA Goals, Governance, Categories DMTC Service Context Page 13 Source: DHS SOA Framework v 1.0 DHS SOA Oversight/ Governance Groups

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DHS SOA Goals of the implementation of the DHS SOA include the following: –Provide information sharing across DHS components and among DHS components and external agencies –Reduce the implementation of duplicative interfaces with external agencies and the implementation of the same capabilities in multiple DHS components –Foster greater reuse of existing services to reduce cost and maximize application efficiencies –Implement all modernized applications as a collection of services and ensure that services are not just used to share information among agencies or applications –Allow components to rationalize and modernize systems without impacting users of the information –Allow component systems and databases to be updated, merged, and/or rationalized DMTC Service Context Page 14 Source: DHS SOA Framework v 1.0

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use DMTC Service Context Page 15 Source: W. Tombe, CBP DHS Proposed Service Categories

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■Various SOA methodologies in place among DMTCs –The principle agencies have selected different protocols for developing their respective SOA –Not a major issue, but a consideration ■Must access legacy systems with aging mainframe technology ■Service provisioning is expected to evolve as a multi-lateral process – (e.g., CBP uses USCG-developed data packets, USCG uses ICE data packets). ■DMTC Service messages IAW National Information Exchange Model (NIEM) Information Exchange Package Document (IEPD) Specification IAW DHS policy DMTC Service Context Page 16

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■CBP Enterprise Technical Architecture (ETA) is comprised of three component architectures –Enterprise Technology Architecture –Enterprise Data Architecture –Enterprise Applications Architecture ■CBP ETA provides mandatory direction for designing and building CBP applications systems & incorporates the following: –CBP Strategic Architecture Principles –CBP Service-Oriented Architecture –CBP Application Integration Infrastructure and other direction ■“One major goal of this ETA is … sharing of information both between CBP systems and organizations and with groups outside of CBP.” CBP SOA Page 17 Source: DHS SOA Framework v 1.0

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use CBP SOA Page 18 Source: DHS CBP Service Lifecycle (briefing 6/2011) SOA Life Cycle Management CBP SOA: uses Simple Object Access Protocol (SOAP)

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■ SOA for the CG means … – Doctrine and event-driven, loosely coupled, asynchronous message based, business services ■Semper Paratus: Enterprise Architecture Realization (SPEAR) ■The SPEAR architecture is document oriented. ■A SPEAR Document is one that meets several criteria: –It belongs to the namespace –The root element is USCG Document. –It has a SPEAR header –It has a SPEAR body ■SPEAR architecture leverages the ESB as the primary mechanism USCG SOA Page 19 Source: USCG SPEAR Implementation Guide

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use USCG SOA Page 20 Source: CAPT Mike Ryan, Semper Paratus: Enterprise Architecture Realization (briefing 4/12/2011) SPEAR Example USCG SPEAR Service incorporates Representational State Transfer (REST) web services

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DMTC Services Technical Team should be responsible for the following: –Cataloging/prioritizing recommended system functions –Cataloging data structures associated with system functions –Developing a master data model based on all cataloged data structures –Developing transformation rules between component-level data structures and the master data model –Resolving data structure and data naming conflicts DMTC Service Provisioning Page 21

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DMTC Business Functions should now be analyzed to reveal the supporting system functions ■Some of these systems are legacy with poor documentation adding technical challenge ■System functions assessed for translation into DHS services ■DMTC participants coordinate Organizational actions to deploy services IAW DHS and Agency SOA policy: –Execute as per current policy where appropriate –Develop policy ‘flow-down’ from DHS SOA policy where necessary ■Develop services and publish to DHS/DMTC Service Catalogs Page 22 Concluding Recommendations

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use ■DMTC Governance: define Inter-Agency Agreement ■Develop Implementation Plan ■ Align Business functions to providing System Functions ■ Services extracted from providing System functions ■ Encapsulated as XML documents in accordance with NIEM IEPD methodology ■Form Integrated Project Team (IPT) as appropriate ■DMTC Stakeholders develop Service Level Agreements: Publish/Subscribe model ■Publish to DMTC/DHS Service Catalogs Next Steps Page 23

© 2011 The MITRE Corporation. All rights reserved. For Internal MITRE Use Questions? Thank you! Page 24