Building Federated Search Capabilities for Homeland Security and Law Enforcement Partners

Since 2007, authorized federal, state, local, and tribal law enforcement officers and analysts have been able to access resources on Sensitive But Unclassified (SBU)/Controlled Unclassified Information (CUI) systems beyond their “home” systems without having to logon to each system separately. For example, users of the Criminal Justice Information Services’ (CJIS) FBI’s Law Enforcement Online (LEO) system, the Chicago Police Department’s internal system, and the Pennsylvania Justice Network (JNET) have been accessing resources on the Regional Information Sharing Systems’™ (RISS’s) RISSNET by clicking on the appropriate links on their home system’s website. In turn, authorized RISSNET users have been able to access resources controlled by the U.S. Department of Justice (DOJ) in a similar manner. The technology that provides this capability is known as federated identity simplified sign-on.

Making it easier for law enforcement officers and analysts to access critical information on multiple SBU/CUI systems through simplified sign-on was the first important step in bringing the right information to the right people at the right time. The next step is to provide law enforcement officers and analysts with a tool that will allow them to find the critical information they need with even less effort by allowing them to search for critical information across multiple SBU/CUI systems at one time without having to “go to” each target system. The technology that provides this capability is referred to as secure federated search. The exact results returned to a user using secure federated search are under the complete control of the owner of the information. Each user will receive only the information that is appropriate for their particular level of authorization.

To create this capability among the four SBU/CUI systems – FBI’s Law Enforcement Online (LEO), the National Security Agency’s (NSA) Intelink-U, Department of Homeland Security’s (DHS) Homeland Security Information Network (HSIN), and the Regional Information Sharing Systems’™ (RISS) RISSNET  – a common framework, including data models and schemas, must first be developed. To accomplish this, the office of the Program Manager for the Information Sharing Environment (PM-ISE) identified the National Information Exchange Model (NIEM) Information Exchange Package Documentation (IEPD) as the best means of capturing the details of this information exchange. To assist the four SBU/CUI system partners in the development of the SBU/CUI Federated Search IEPD, the PM-ISE awarded implementation assistance funding to RISS. The project was initiated on October 1, 2011 and is scheduled to be completed by September, 30, 2012.

During this effort, RISS has coordinated with staff from the partner SBU/CUI systems to develop the IEPD that will define the search methodology and data exchange between the four systems. The resultant IEPD will contain the set of normative exchange specifications, examples, metadata, and descriptive documentation. The finished product will also take into account work currently being done by DHS to create an SBU/CUI Interoperability Standards Assessment based upon Global Federated Identity and Privilege Management (GFIPM) standards.

At this point in the project, all four partner systems have agreed on the search methodology and are in the process of reviewing drafts of the content of the IEDP. Once completed, the four partner agencies will look for ways to implement this important tool and provide access to federal, state, local, and tribal law enforcement officers and agents, intelligence analysts, and homeland security personnel to help them combat terrorism and other crimes.