A tipping point for NIEM?
Policy initiatives have aided the fast adoption of information-sharing standards framework
In an ideal world, officials at different agencies and levels of government would be able to seamlessly share information as they work to stop an imminent terrorist attack.
In the real world, the push to improve information sharing in the years since the 2001 terrorist attacks has proved challenging. Information systems and people often have trouble communicating, which makes intelligence and law enforcement work more difficult.
To deal with the problem, the government has increasingly encouraged the use of information-exchange standards. By agreeing to use the same vocabulary and formats, agencies enhance their ability to share information with one another.
The emphasis on standards is not new, particularly in the law enforcement community, but officials say the latest framework, called the National Information Exchange Model, has achieved more widespread adoption. Unlike its predecessors, NIEM extends beyond law enforcement into emergency response, international trade and other arenas.
Tom O’Reilly, NIEM executive outreach director at the Justice Department, said he believes the effort has passed its tipping point and agencies will continue to adopt and integrate it into their operations. Justice is partnering with the Homeland Security Department to lead the NIEM effort.
Although the standard was launched less than four years ago, several policy initiatives have aided its quick adoption. Improved information sharing among state, local and federal governments had become a key concern of lawmakers, the Bush administration, and state and local law enforcement organizations when NIEM was introduced.
President George W. Bush signed the Intelligence Reform and Terrorism Prevention Act of 2004 just a few months before NIEM took off. The law called for the establishment of a coordinated, decentralized information-sharing environment that would connect systems to facilitate the exchange of terrorism-related information. The law also reorganized the national security agencies by establishing the Office of the Director of National Intelligence and the Program Manager of the Information Sharing Environment (PM-ISE) to coordinate efforts to share information.
Meanwhile, state and local authorities were establishing intelligence fusion centers to improve the sharing of information related to homeland security issues among state, local and federal authorities.
After the 2001 attacks, the degree to which agencies and their state and local counterparts were isolated from one another became clear, O’Reilly said.
NIEM piggybacked on the success of the Global Justice XML Data Model. By the time NIEM launched, Justice and many public safety departments were already using Global JXDM.
“NIEM was very quickly zeroed in on as a fundamental part of the standardization that is coming through efforts to establish” the federal information-sharing environment, said John Cohen, a senior adviser at the PM-ISE. “A common data standard is probably one of the three requirements that provide the fundamental foundation for information sharing,” and it is perhaps the most important.
The Bush administration’s National Strategy for Information Sharing, released in October 2007, designated state and local intelligence fusion centers as focal points for sharing terrorism-related information among state, local and federal authorities. It also called for the centers to achieve a baseline of capabilities. To that end, Justice published guidance last month that recommends NIEM as the model for exchanging information within fusion centers and with federal officials.
Meanwhile, the PM-ISE’s enterprise architecture framework incorporates NIEM and the UCore information-exchange specification for the intelligence and defense communities. The PM-ISE also uses NIEM in its effort to standardize the recording, sharing and storing of reports on suspicious activities.
“ If everybody can use a common data standard, it then almost becomes to some degree irrelevant, or much less important, whether you use Microsoft and I use Oracle because the data all resides in our system in the same way,” Cohen said.
“All of this gets even more satisfying if you do this more in the context of service-oriented architecture,” said Paul Wormeli, executive director of the nonprofit IJIS Institute and co-chairman of the joint
Justice/DHS NIEM Communications and Outreach Committee. The institute provides technical assistance and training for NIEM users, runs a help desk and publishes users’ guides.
At its core, NIEM gives users a standard vocabulary, guidance and processes to make data flow more effectively. Rather than integrate all state, local, tribal and federal databases, it outlines standards for exchanging information among them.
Officials say that without exchange standards, agencies at all levels of government would have to modify their systems to ensure that information could be exchanged, which is not feasible.
NIEM defines data components, such as people, places events and things, and provides a method for communicating that data using Extensible Markup Language. To share information, officials use a packet that has the correct NIEM structure and semantics. The specifications for particular data exchanges are stored as Information Exchange Package Documentation (IEPDs).
Officials say the NIEM clearinghouse has about 75 IEPDs for data exchanges, and state and local authorities have likely created many more or are in the process of creating them.
NIEM users fall into seven domain areas: emergency management, immigration, infrastructure protection, intelligence, international trade, justice and person screening. NIEM leaders have been aligning their efforts with data-standard initiatives under way in the defense and intelligence communities.
The importance of having information-exchange standards is not lost on Richard Mangogna, DHS’ chief information officer and a member of the NIEM Executive Steering Committee. Before joining DHS, Mangogna served as CIO at JPMorgan Chase.
He said the NIEM effort is similar to how the financial services sector manages data exchanges. A common standard helped companies avoid modifying entire systems when they needed to share information with new partners.
“Data management standards are probably one of the most important things that we can implement with DHS,” he said.
Although the financial sector is accustomed to sharing data in a uniform way, state, local and federal authorities have not always focused on extensive information exchanges, particularly before the 2001 attacks. However, that attitude is changing as local authorities begin to see the financial and mission advantages of using data exchange standards. Wormeli said 13 states have committed to using NIEM to share data related to law enforcement and homeland security.
Chris Rein, chief technology officer for the New Jersey State Police, said his state is building a NIEM-compliant system to continue sharing information with federal authorities. New Jersey is also building a NIEM-compliant database.
Rein said he sees two advantages to a standards-based approach: It’s vendor-neutral so it puts all of the vendors on a level playing field, and it provides common definitions to eliminate confusion about what different jurisdictions are referring to.
“The potential here is just astronomical in terms of getting things done better, quicker and at a lower cost,” Wormeli said.