SWIF Widget Lifecycle
The SWIF widget lifecycle describes how all of the SWIF components work together. Figure 3 shows the process of the SWIF Widget Lifecycle.analiza lo
Figure 3: SWIF Widget Lifecycle
- User logs onto OWF via a web browser.
- OWF retrieves the user’s preferences and displays the user’s OWF Dashboard that contains the widgets the user has selected to view.
- User-selected, MAC-enabled, SWIF widgets are loaded onto the dashboard.
- User interacts with the SWIF widgets that make calls to the secure database.
- Data requests from SWIF widgets use the Central Authentication Service (CAS) Single Sign-on to pass along the user’s credentials with each request.
- SWIF Services receive all security attributes from the user account.
- SWIF Services queries the secure database with the user’s security attributes. Since the queries contain restraints using the user attributes, no data is returned from the database that the user should not see.
- For additional security, SWIF services processes the data to ensure user’s security attributes match data’s security attributes.
- Requested MAC data returned to the SWIF widget.
Exercise and Usability Testing
After the development of the SWIF prototype, in January 2013, a three-day event was held at SSC Pacific to explore—with the planning community— the usefulness of SWIF in accomplishing their planning mission. It allowed the demonstration of SWIF as a proof of concept enabling users to actively use the prototype as part of their planning process. The event focused on capturing user community input on SWIF features as well as its operational impact. The participants included policy support personnel, experienced Combatant Command planners, Naval Postgraduate students, observers from Johns Hopkins University Applied Physics Laboratory, and developers from SSC Pacific.
The productive three days provided SSC Pacific with a set of improvements to SWIF. Stakeholders identified attributes that will help SWIF evolve to a refined planning system:
- Ability to identify or search for capabilities to achieve desired effects outside of the current system
- Ability to pull planning and intelligence data from other domains that can easily be manipulated and presented
- Ability to pull all related planning data from a cloud source to the current system
- Improve capabilities by allowing SWIF types of applications with inherited MAC and DAC into a cloud-based secure mail application, similar to Google, Amazon, and Yahoo
- Customer off-the-shelf products that users would like to see integrated with SWIF to include Google earth, Google Docs, Tablets, and Gmail
The event provided a means for users to align their work with SWIF and validate the usefulness of SWIF with its MAC and DAC implementation. Attendees saw the value of SWIF to provide key functionality to their planning mission, as well as the integration of COTS related products.
Operational Impact
The operational SWIF user receives many benefits from using the SWIF architecture including increase productivity, faster functionality, and even cost savings. Increased productivity for the users stems from SWIF enabling the user to get the right information more quickly. In particular the increased operational functionality of the SWIF to include double-blind matching web-based applications improves the user’s ability to match data in the database. Additionally, the interoperability of the SWIF widgets across different domains and networks allows different users to utilize the shared services, significantly decreasing the possibility of missing information due to differing classification levels.
The widget governance process also provides for faster delivery of functionality to SWIF users. The SWIF widget process uses a streamlined governance process, which embeds certification and accreditation, to shorten the delivery time. Small compact widgets, that don’t impact the underlying data for the PoR, in particular have a very quick accreditation process. Even the larger widgets have a smoothly planned process for integrating into the SWIF. This decrease in delivery time allows the user to benefit from new tools and updated tools in a timely manner.
Not only does SWIF and its widgets increase productivity and deploy new tools in a smaller time frame, it also offers significant cost savings for industry, academia, and the Department of Defense. The OWF that SWIF and its widgets are based on is an open source framework allowing anyone to build their own widgets for their own specific challenges. The widgets would still go through the governance process, but the use of the open source framework significantly reduces the barriers to entry in creating widgets. Additionally, the integration of the testing and accreditation into the widget process will reduce the maintenance needed on deployed widgets; the widgets are thoroughly tested before they are deployed, thereby reducing the errors and vulnerabilities once deployed.
SWIF may serve as a key technology is in command and control (C2). One of the driving forces of command and control is having access to a number of C2 capabilities and data sources in order to accomplish the mission. Current C2 systems and data sources are often independent of each other, limiting the commander’s ability to seamlessly reach across different systems and data sources to build the needed operational picture due to sensitivity, need to know, classification restrictions, or technology constraints. Even if the commander is given access to the information and capabilities, there exist some latency issues which may prevent the commander from getting the information in a timely manner.
SWIF allows for sharing of applications and information seamlessly with the DAC and MAC SWIF technical capabilities. It allows for a framework in which users are able to confidently and securely store information as well as share information on a need to know basis. It is a mechanism allowing for proprietary information from various classification levels to be shared in order to accomplish the mission. In addition, SWIF allows for the quick integration of widgets that allows planners and operators to be able to use the information in a secure manner without jeopardizing information that a specific person does not have the need to know.
Way Forward
Integration of the SWIF technology on two separate networks (high and low) will help meet the need to bridge the gap between highly classified networks and external networks, while maintaining security within a multi-level secure environment. SWIF’s open architecture framework will allow for rapid deployment of analytic planning and visualization applications for the planning community, while enforcing a MAC and DAC connection to a database. In addition, development of planning widgets that can retrieve row- and cell-level data from a MAC enabled database will allow for a more granular MAC labeling that will support planning at multiple security levels.
As the Department of Defense moves to implement the Joint Integrated Environment (JIE), the demand for multi-level security access, when only a select sub-group should have access to the information or the coordination of activities across agencies will significantly increase. The JIE will be a single joint enterprise IT platform that can be leveraged for all DoD missions.[7] In this case, the importance of enabling all partners to maintain control of access to their organization’s data while conducting coordination and operating in a shared network space will be even more important.
Outside of the military, there are other communities that could also benefit from an environment with a security MAC-based framework, enabling the coordination of activities, and sharing of select company proprietary information with select partners while protecting the rest of their intellectual property from disclosure. This is especially important for institutions that are responsible for the integration of information in a single repository allowing various permutations of information sharing between organizations. It will allow different types of data to include business proprietary, educational research, and Government for official use only to be shared amongst each other or groups of people. An example of the usefulness for a non-military entity is Federal Emergency Management Agency’s (FEMA) desire to improve the whole of community response to disasters. In this case, multiple federal, state and local authorities, as well as formal and informal non-governmental organizations would need to coordinate activities. Each organization has laws, rules, regulations, mandates or operating principles that dictate the use and sharing of information. This makes it impractical for the organizations to operate in a single, shared-information space; however a distributed architecture framework such as envisioned by SWIF would facilitate this coordination, allowing organizations to share information while controlling its distribution and access. SWIF provides the needed framework to enhance the sharing of different types of information seamlessly into one system to accomplish a goal or mission.
Endnotes
[1] : Duke of Wellington, cited in Louis J. Jennings, ed., The Correspondence and Diaries of the Late Right Honourable John Wilson Croker, Secretary to the Admiralty from 1809 to 1830 (London: John Murray, Albemarle Street, 1885), p. 276.
[2] : United States Joint Chiefs of Staff, Joint Vision 2020 (Washington, D.C.: United States Joint Chiefs of Staff, 2000, p. 8.
[3] : United States Joint Chiefs of Staff, Capstone Concept for Joint Operations: Joint Force 2020 (Washington, D.C.: United States Joint Chiefs of Staff, 2012), p. 4.
[4] : United States Chairman of the Joint Chiefs of Staff. Joint Vision 2020. Department of Defense. 2000. Pg. 8.
[5] : United States Navy, The U.S. Navy’s Vision for Information Dominance, (Washington, D.C.: United States Navy, 2010), p. 3.
[6] : United States Chairman of the Joint Chiefs of Staff. Joint Vision 2020. Department of Defense. 2000. Pg. ii.
[7] : Enabling the Joint Information Environment (JIE), (Ft. Meade, Maryland: Defense Information Systems Agency, 2014) p. 2.