joint protection enterprise network (jpen) · customs station in the port of new york and the coast...
TRANSCRIPT
Joint Protection
Enterprise Network
(JPEN)
This Brief is Classified UNCLASSIFIED
Mr. William Murphy, CellExchange
JPEN Business Analysis / Training
Date 16 April 2004
Overview
• The Need for Information Sharing
• JPEN History
• JPEN Information
• JPEN System Overview
• JPEN “At a Glance”
• JPEN and JWID
• Ongoing Efforts and Future
• JPEN User Interface Overview
• Q & A
• Conclusion
2
UNCLASSIFIED
UNCLASSIFIED
The Need for Information Sharing
3
UNCLASSIFIED
UNCLASSIFIED
The Need for Information Sharing (cont.)
4
UNCLASSIFIED
UNCLASSIFIED
“In virtually every major city and county in the United States, no interoperable
communications system exists to support city, county, state, regional and federal
response personnel during a major emergency.”Council on Foreign Relations
Independent Task Force on HLS (Gary Hart/Warren Rudman Co-Chairs)
October 2002
“We recognize that we have plenty of information, but we have been unable -
not necessarily unwilling - to connect that information, one of our highest
priorities will be to connect those databases.” Secretary Tom Ridge
Department of Homeland Security
27 January 2003
“What is needed most is the coordination and sustained attention to improvement of information systems so that they are interoperable and to the maximum extent possible consistent with security, eliminate barriers to information flow. What is missing is a federated effort to promote and coordinate these initiatives and to ensure they are effective and interoperable.”
Markle Foundation Task Force Report
“Protecting America’s Freedom in the Information Age”October 2002
The Need for Information Sharing (cont.)
5
UNCLASSIFIED
UNCLASSIFIED
“We usually are pretty good at sharing information vertically. But we need
technology that can share information horizontally that takes feeds from the
Coast Guard, Customs, the FAA and the FBI.” General Ralph Eberhart
Commander, USNORTHCOM
January 2003
“Achieving true homeland security requires technology that guarantees real-time information sharing and improves decision-making. For example, a border patrol agent in Tijuana must be able to communicate with the Customs station in the port of New York and the Coast Guard base in Miami on real-time basis.” Director Mitchell E. Daniels, Jr.
Office of Management and Budget
19 July 2002
“We need to be moving from a ‘need to know’ to a ‘need to share’
environment. We need to be migrating from protecting networks to protecting
information.” Maj Gen Dale Meyerrose
Director, Architecture and Integration
USNORTHCOM
25 September 2003
National Strategy for HLS—Jul 02
• Information sharing goals:
• Link knowledge resident at all levels of government
• Establish a “system of systems” that can provide the right
information to the right people at the right times
• Share information “horizontally” and “vertically”
• Define pilot projects to address immediate homeland
security requirements while laying foundation for
continuous improvement
6
UNCLASSIFIED
UNCLASSIFIED
Objective: Build a national environment that enables sharing of essential homeland security information
SECDEF Top 10—17 Sep 02
7
UNCLASSIFIED
UNCLASSIFIED
JPEN directly supports these priorities
1. Successfully Pursue the Global War on Terrorism
2. Strengthen Joint Warfighting Capabilities
3. Transform the Joint Force
4. Optimize Intelligence Capabilities
5. Improve Force Manning
6. New Concepts of Global Engagement
7. Counter the Proliferation of WMD
8. Homeland Security
9. Streamline the DoD Process
10. Improve Interagency Process, Focus and Integration
USNORTHCOM Tasks*
8
UNCLASSIFIED
UNCLASSIFIED
• Maintain & improve capabilities to defend the NC AOR
• Serve as the single US-only organization focused on HLD
• Deliver capabilities to address vulnerabilities & threats to the AOR
• Resolve overlapping command & control issues within the AOR
• Become DoD leader in interagency ops and HLD information assurance
• Establish innovative command and control constructs
• Proactive approach to information sharing
• Facilitate synchronization of national, state & local capabilities
• Establish extensive interagency liaison and be proactive in military
assistance to civilian authorities
• Be a leader in innovative practices in all areas related to HLD
• Lead agent for HLD/MACA concept and doctrine development
• Become center of excellence for countering and responding to WMD threats
JPEN directly supports these tasks
*USNORTHCOM Strategic Vision, 11 Sep 03
“... possibly the single-most
transforming thing in our force will
not be a weapon system, but a set of
interconnections and a substantially
enhanced capability because of that
awareness.”
Hon Donald Rumsfeld
Aug 9, 2001
Historic AT/FP Info Sharing
Service Based Force Protection
Communities
• Collecting different quantities and
levels of information
• Primarily shared within a Service
• Cross-Service sharing through
Joint Staff is uncertain
• Cross Service sharing is unreliable
92/4/2004
DoD Force Protection Information Sharing Today
DoDJoint Staff
CONUS PostsCONUS PostsCONUS CampsCONUS CampsCONUS Ports and Naval BasesCONUS Ports and Naval Bases
WashingtonNavy Yard
CONUS BasesCONUS Bases
Peterson AFBPeterson AFBPeterson AFBPeterson AFB
Ft CarsonFt CarsonFt CarsonFt Carson
MCBQuantico
MCBQuantico
MCBQuantico
MCBQuantico
WashingtonNavy YardWashingtonNavy YardWashingtonNavy Yard
Incident
Navy
CADS
Marine Corps
CLEOC
Army
COPS
Air Force
I2MS
FP information collection systems do not cross
communicate
OSD Direction
10
UNCLASSIFIED
UNCLASSIFIED
• DEPSECDEF Memo—2 May 2003
• Specified new reporting mechanism
for sharing non-validated threat
information—the TALON report
• Non-specific threats
• Surveillance
• Elicitation
• Tests of security
• Unusual repetitive activity
• Bomb threats
• Other suspicious activity
• Counterintelligence Field Activity (CIFA) will maintain data
for use by JITF-CT
Objective AT/FP Info Sharing
UNCLASSIFIED
Intel
Community
Net-Centricity Payoffs• Smarter Decisions based on…
More information• Better Collaboration based on…
Shared Situational Awareness
NORTHCOM
DoD
Joint Staff
CONUS PostsCONUS PostsCONUS CampsCONUS CampsCONUS Ports and Naval BasesCONUS Ports and Naval Bases CONUS BasesCONUS Bases
Peterson AFBPeterson AFBPeterson AFBPeterson AFB
Ft CarsonFt CarsonFt CarsonFt Carson
MCBQuantico
MCBQuantico
MCBQuantico
MCBQuantico
WashingtonNavy YardNavy YardWashington
Navy Yard
JPEN Supports:
• Enhanced FP situational awareness
of AOR events
• Enhanced sharing of FP data
currently not readily available
• Information sharing with key
intelligence agencies
• Timely cross-Service sharing of
events, notifications, and alerts
• Capability to share information with
interagencies
• Deliverable capability to JWID 04
for Interagency evaluationNavy
CADS
Marine Corps
CLEOC
Army
COPS
Air Force
I2MS
Joint Protection Enterprise Network
A Net -Centric Approach to DoD Force Protection Information Sharing
Incident
Interagencies
Service Ops
Centers
UNCLASSIFIED
JPEN Overview
• Rapidly prototyped system designed to disseminate
force protection information quickly
• Integrated information sharing among all users
• Horizontal and vertical
• Unclassified but protected
• Information encrypted and transferred over
NIPRNET/Internet
• IE 5.5 or higher—no special hardware/software required
• No licensing fees
12
UNCLASSIFIED
UNCLASSIFIED
JPEN History
13
UNCLASSIFIED
UNCLASSIFIED
CY 03 SepAugJulJunMayAprMarFeb DecNovOct
Program Management
responsibilities transfer
from JS/J6 to NC/J6 and from
CellExchange to SPAWAR
PA prototype
complete
Project PROTECT
AMERICA (PA)
started
Renamed
project VISION;
operational in
National Capital Region
Renamed JPEN
Per SECDEF
14
JPEN Pilot Locations
UNCLASSIFIED
UNCLASSIFIED
NORTHCOMFMMCSeattle RegionFt Lewis
McChord AFB
Everett Naval Station
Bremerton Naval Station
Bangor Naval Sub Base
NavMag
Whidbey Island Naval Station
Norfolk RegionNorfolk Naval Station
Norfolk Naval Shipyard
Norfolk Naval Air Station
Langley AFB
Ft Monroe
SJFHQ-HLS
JTF-CS
NORTHCOM
Domestic Warning Center
Domestic Events Officer
JPEN pilot capabilities expand in National Capital Region and to Norfolk and Seattle regions
NCRBolling AFB
Ft Myer/Ft McNair
Wash Navy Yd
MCB Quantico
Svc Ops Ctrs
Pentagon FP Police
Andrews AFB
Ft Belvoir
Ft Meade
Henderson Hall
Marine Barracks
8&I
CIFA
JITF-CT
Fed Agencies
JPEN Information
Threat and Local Observation Notice (TALON) Criteria
• Surveillance
• Bomb threat
• Elicitation
• Suspicious activities/incidents
• Repetitive activity
• Non-specific threats
• Tests of security
Force Protection Incidents
• BOLO (“Be On the Lookout”)
• Non-event
• FP incidents
• Vehicle Turnarounds
15
UNCLASSIFIED
UNCLASSIFIED
JPEN Benefits
• Timely horizontal and vertical information sharing
among Services and interagencies
• Data input once, immediately available to users at all
levels
• Meets DEPSECDEF reporting direction with no
additional hardware/software costs
• Existing NIPRNET/Internet computer, IE 5.5 or higher
• XML interface allows data sharing with other systems
• Component of NC AT/FP Toolkit
16
UNCLASSIFIED
UNCLASSIFIED
JPEN System Overview
UNCLASSIFIED
Receive
Analyze/
Correlate/
Filter
Northern Command
Analyze/
Correlate/
Filter
Services
Analyze/
Correlate/
Filter
Coast Guard
Analyze/
Correlate/
Filter
Other Subscribers
Alerts
Web Svcs. SmartPull
Web Svcs. SmartPull
Web Svcs. SmartPull
Web
Browser
PDA
Telephone
Inputs from Various sources
Shared
Databases
Posted Info/
Alerts/
Decisions &
Actions
Posted Info/
Alerts/
Decisions &
Actions
Posted Info/
Alerts/
Decisions &
Actions
Posted Info/
Alerts/
Decisions &
Actions
Receive
Receive
Receive
Receive Organize/
Format
Push/
Pull
Push/
Pull
Push/
Pull
Push/
Pull
JPEN Server
Software
• Oracle 9i database
• Advance Queuing (AQ)
• Oracle 9i Application Server
• Java JDK
• Java J2EE
• Apache Web Server
• Portal Engine
• CellExchange Correlator
• CellExchange Field Force
Automation
• CellExchange Sharp Statement
18
UNCLASSIFIED
UNCLASSIFIED
Hardware
• 2 x Proliant DL 580 G2 servers
• Windows 2000 Advanced Server
• 2GB RAM
• 2 x 2Ghz Intel Xeon Processors
• 900Gb disk SAN
• Redundant Power Supply
Minimum Client Configuration
19
UNCLASSIFIED
UNCLASSIFIED
• Processor – 500Mhz
• Memory – 128MB
• Video
• Screen – 1024x768
• Color – 32 bit
• OS – Windows 2000
• Browser – Internet Explorer 5.5 or higher
• 128 bit SSL
• JavaScript turned on
• Cookies turned on
JPEN Operations
UNCLASSIFIED
JPEN Web Server
NIPRNET
NIPRNET
HTTPS
VPN
HTTPS or Oracle Net
Services
NORTHCOM PA (PROD)
Windows 2000 Server
HTTPS
VPN
DoD Internet
Gateway
INTERNET
External Data Sources
PDA
Verizon
Wireless
HTTPS
over
VPN
Command Center Workstation
HTTPS
PA Infrastructure (PROD)
Windows 2000 Server
Warfighter Workstation
HTTPS
Warfighter Workstation
HTTPS
Warfighter Workstation
HTTPS
Warfighter Workstation
HTTPS
JPEN Data Flow Diagram
UNCLASSIFIED
IDAPAQServlet
PAPortalGateway
InQueue
EventReceiver
(PL/SQL)
Portal
Database
OutQueue
AdminServletServiceRequest (e.g.TSA No-Fly)
Management
Applications
SQL*Net
Publish XML over
HTTPS
(IDAP to Infrastructure)
XML over HTTPS
(SOAP to Infrastructure)
HTTPS
(From Browser and BeVocal)
XML over HTTPS
(IDAP from
Infrastructure)
HTTPS
Oracle9iAS, Corrlator,
SharpStatement, Field Force
Oracle9i RDBMS
JPEN Server
ErrorQueue
Scoring,
SharpStatement, and
FFA APIs
JDBC
Alerts, Notifications,
Reports over HTTPS
and SMTP (email)Alerts and Event for Publishing to System (JMS)
JPEN “At a Glance”
UNCLASSIFIED
Capable of collecting information
nationwide from approved sources
– DoD personnel, eventually law enforcement
and DHS personnel
– Information from other Government databases
outside of JPEN is not required
Protects privacy rights
– Human decision makers approve the transfer
of information
– Users can only obtain pre-approved
information
– Privacy Act information deleted after 90 days
unless part of an active investigation
Provides rapid feedback mechanism for
all subscriber organizations
– Alerts are shared with all subscriber
organizations
Allows the “smart-pull” of information
from Government databases
– Uses XML technology to interconnect legacy
systems
Adjustable alert thresholds
– User determines weighting criteria for alert
generation
Architecture permits subscriber organizations to control their own databases
– “Share” data rather than “own” data
– Permits fusion of threat information
Rapidly disseminates information to field agents while maintaining command authority
– Allows law enforcement personnel to quickly receive pertinent case information
Unclassified Operation– Negates the need for multi-level security
– Transparent Design allows public briefings on system architecture and operation
Data protected within the system– Only authorized users have access
Leverages all aspects of wireless and internet technology
– PDAs, Cell Phones, Pagers
– Accessed via Internet browsers on existing systems—no additional hardware/software
Incorporates Commercial Off-the-Shelf Technology
– System cost reduced by incorporating existing infrastructure
– Easily upgradeable with emerging internet technology
JWID Baseline Capabilities
• Automated alert via email, pager, and telephone
• No man-in-the-loop for alert distribution
• Expanded report generating feature
• Users define report details, frequency, and distribution –no system administrator coordination required
• Report emailed IAW user defined frequency and distribution list – no need to log on to JPEN to get report
• Improved mapping of user defined event categories
• Force protection events pushed to CIFA real-time
23
UNCLASSIFIED
UNCLASSIFIED
GOAL – “Fire and Forget” – No dedicated computer
terminal or constant operator monitoring
JWID Timeline
24
UNCLASSIFIED
UNCLASSIFIED
Transition
FY 04
SepAugJulJunMayAprMarFebJanDecNov
CellExchange/
SPAWAR
Transition Transition
To NC
1Transition to AT/FP Standard Tool
Suite
Develop
7
JWID AT/FP
Toolset
Integration
Coordination &
Integration with CIFA
Spiral Software Upgrade
JWID 04
14
JWID
Program
Integration
Preparation JPEN Preparation for JWID
AssessAssessment
ResultsJWID Mid Planner’s
Conf
26-30
JWID Final Planner’s
Conf
29-2
Deploy Develop and Execute Marketing and Deployment Strategy
Deploy in support of N-NC Requirements
(components & JWID participants)
Incorporate NC AOR AT/FP Rqmts
Ongoing coordination with monthly AT/FP Working Groups – NC & Components, DoD Agencies & Services
JWID AT/FP
Toolset
Integration
Planning
Work transition funding with JI&I
JFCOM JI&I Coordination
Execute Deployment Plan
Spiral Software UpgradeDraft NC AOR
AT/FP Requirements
Ongoing Efforts
• Incorporate NC AOR AT/FP requirements
• Integrate JPEN as component of NC standard AT/FP Toolkit
• Integration with existing AT/FP systems (i.e.—Cornerstone, ATEP, JRIES)
25
UNCLASSIFIED
UNCLASSIFIED
GOAL – JPEN data provided to all users who require the information
Future Requirements
• Integrate with Service-specific AT/FP reporting systems (i.e.—CLEOC, CADS, COPS, I2MS)
• Information captured/entered once, available to all
• User Feedback Capability
• Automated Alerting
• User-defined Geographic Area of Interest
• Expanded Report Generating Capability
• Improve Mapping Capability
26
UNCLASSIFIED
UNCLASSIFIED
Login
27
UNCLASSIFIED
UNCLASSIFIED
Home View
28
UNCLASSIFIED
UNCLASSIFIED
Event Assessments
29
UNCLASSIFIED
UNCLASSIFIED
Feature:
- Provides each installation assessment based on locally-defined weights
- Partitioned bar allows for visualizing weight of event IRT threshold
- “Hovering” cursor over partition provides “quick look” of event
Benefits:
- Provides “quick read” situational awareness of event assessment
- Ability for one installation to view how others perceive events as they occur
- Color code provide view towards threshold
-- Red > 100%, Orange: > 75%, Yellow > 50%, Blue > 25% & Green < 25 %
Force Protection Levels
30
UNCLASSIFIED
UNCLASSIFIED
Feature:
- Provides installations current Force Protection Level
- Amplifying information: Reason for Level and additional measures being undertaken
Benefits:
- Provides “quick read” of current Force Protection Level at installation-selectable locations
- Allows for cross-checking security procedures
Issue Alerts/Notifications
31
UNCLASSIFIED
UNCLASSIFIED
Feature:
- Ability to perform notification of impacting events
Benefits:
- Provides for manually generating alerts
- Provides for associating alerts with events
- Provides for notification of associated events to other installations
Collaboration
32
UNCLASSIFIED
UNCLASSIFIED
Feature:
- Easy access to SBU collaboration tools
- Currently asynchronous. Chat, etc. coming
Benefits:
- Accelerates command center to command center collaboration
Event Log
33
UNCLASSIFIED
UNCLASSIFIED
Feature:
- List of JPEN Events based on installation preference
- Ability to update events by “owning” installation and selected users
- Filter and search capability to refine view
Benefits:
- Delivers appropriate information
- Flexible to meet unique filtering
- Rapid access to event details
Report View
34
UNCLASSIFIED
UNCLASSIFIED
Report View (cont.)
35
UNCLASSIFIED
UNCLASSIFIED
Search Events
36
UNCLASSIFIED
UNCLASSIFIED
Feature:
- Advanced search w/ pre-defined query
Benefits:
- Ability to query event logs
Post Events
37
UNCLASSIFIED
UNCLASSIFIED
Feature:
- Tool to aid input of events IAW TALON Format
-- Event Details, Incident Details, Additional
Items (Individuals & Vehicles), Actions taken
Benefits:
- Common incident detail structure
- Maximizes data fields for tracking events
- Consistent with OSD TALON directive
Backup
38
UNCLASSIFIED
UNCLASSIFIED
Comparison with other DHS Programs
39
UNCLASSIFIED
UNCLASSIFIED
Pro
tect
Am
eri
ca
FEATURES
PROGRAMS
Nationwide Data Collection
XML Database Translation
Collaboration Capability
Totally Unclassified Operation
Indications and Warning
Organizations Control Their Data
Incorporates Data Mining
Uses Existing Databases
Leverages COTS Products.
Scaleable to Multiple Agencies
DA
RP
A G
en
isys
RIS
S
DA
RP
A T
IA
DA
RP
A G
en
oa II
IMM
AC
CS
HD
C2 A
CT
D
GIS
HS
ISS
CT
-Lin
k
OS
IS E
xp
an
sio
n
Serves Multiple COII
NoYesLegend
Best-
IN-U
S
HIR
TS
Th
reat
Man
ag
er
RIS
S/L
EO
JPEN Timeline
40
UNCLASSIFIED
UNCLASSIFIED
Briefings Meetings Reports
Jun Jul Aug Sep Oct Nov Dec Jan
CJCS “Be Bold”
Guidance
POTUS HLS Strategy
Feb
OSD, FBI, OHS Workshop
Mar Apr May
Initial Coord w/ CEE
CDRUSNORTHCOM
SecDef Top 10
Hart/Rudman HLS ReportMarkle Foundation TF Report
JS/NORTHCOM/OHS Workshop
NORTHCOM TasksOSD, FBI, OHS Workshop
Dr. Schlesinger
ASD C3I/OSD HLS TF
Svc Chiefs/CBT CDRS
USD (P)
SECDHS
OSD GC / IG / LA
DepSecDef
ASD (C3I)
DepSecDHS
SecDef
DepAG
DepSecDef/VCJCS
CJCS Vector Check
FBI Director
MITRE Offsite
Service OPSDEPS
HQ AF 3-Ltrs
DOE/DIR SO
Fed. Register
Privacy Act
CellExchange Contractor On Board
CellExchange Contractor
SPAWAR Contractor
FOC NCR
FOC SeattleFOC Norfolk
Spiral 2 Release
Spiral 3 Release
Transition to
NORTHCOM
SecDHS
CJCS
National Strategy for HLS—Jul 02
DoD
• Responsible for protection of Defense Industrial Base
Critical Infrastructure at key areas
• Plan for military support to civil authorities
DHS
• Enable seamless communications among all responders
• Integrate information sharing across federal, state and local
government, private industry and citizens
• Adopt common metadata standards for electronic
information relevant to Homeland Security
41
UNCLASSIFIED
UNCLASSIFIED
JPEN supports integration of these tasks
JPEN/TIA Differences
42
UNCLASSIFIED
UNCLASSIFIED
JPEN TIAOperational system that shares
information and automatically
generates alerts based upon threat
information
No Data Mining—Records Check
Unclassified Components
Primarily COTS-based
Enables Homeland Security Command
and Control
Operational Guidance from DoD/DHS,
eventual system transition to DHS
Undeveloped system intended to
develop a variety of technology efforts
covering data mining, link analysis,
human language translation and
biometrics
Data Mining – Attempts to Recognize
Patterns Characteristic of Terrorist
Activity from multiple sources
Classified Components
Developing new technologies
Intelligence related
Operational guidance from and
eventual system transition to the
Intelligence Community