FAQs
The SAVIN Training and Technical Assistance Project Team regularly collects, compiles, and catalogs documents, state statues, policies, sample publications, model training materials, public education templates, and other materials which can be found in the Virtual Library. These materials have been donated by programs across the country.
SAVIN Virtual Library
"Ethical and legal obligations compel every professional in the justice system to protect privacy interests when sharing justice information. Today, increased security needs not only dictate enhanced justice information sharing but also highlight the need to balance privacy protection and justice information access. The ease of digital access now makes analysis of privacy obligations a more complex process. Nonetheless, the underlying foundations for privacy policy exist in our current laws and customs. Constitutions, statutes, regulations, policies, procedures, and common-law requirements still control justice entity collection and sharing of information. What is new is the need for justice practitioners to articulate the rules that control their information gathering and sharing activities in a manner that both supports information sharing and protects constitutional privacy rights."
"Since September 11, 2001, enhanced justice information sharing has been shown to be critical to ensure public safety and homeland security. As agencies pursue the automated exchange of information in the public interest, it is equally as critical that decision makers vigorously strive to protect constitutional privacy rights. To this end, justice and public safety agencies must develop privacy policies to guide information exchange efforts and to clearly identify the rules that control their information sharing activities.
The Privacy Policy Development Guide is a practical, hands-on resource that provides justice practitioners with sensible guidance for developing a privacy policy. It assists agencies in articulating privacy obligations in a manner that protects the justice agency, the individual, and the public and makes it easier to do what is necessary - share critical justice information."
To read more about justice information sharing privacy and to access the above mentioned guide, click on the following URL:
Policy, Guidance and Fact Sheets: https://www.fema.gov/assistance/individual/policy-guidance-and-fact-she…
"The Georgia Tech Research Institute (GTRI) has played a key role in the design and implementation of NIEM since inception. Under a funding partnership with DOJ and DHS, GTRI works with the NIEM Business Architecture Committee (NBAC) and the NIEM Technical Architecture Committee (NTAC) to implement and refine the NIEM standards and data components to meet the cross domain information sharing needs of federal, state, local, and tribal stakeholders. This includes implementation of the latest NIEM 2.0 release and associated tools which can now be downloaded from www.niem.gov.
An SOA separates partner capabilities into distinct units, or services, which are accessible over a network so users can combine and reuse them in producing applications, receiving real-time information, reporting, performing investigations, etc.
A service, in the context of information exchange, is defined as a distinct function [or unit] that allows the consumer of information to locate and access the information being provided by an information provider. Services communicate with each other by passing data from one service to another, or by coordinating an activity between two or more services.
A Service Specification is a formal document describing the capabilities made available through the service: the service model that defines the semantics of the service by representing its behavioral model, information model, and interactions; the policies that constrain the use of the service; and the service interface that provides a means of interaction with the service.
A service specification is analogous to the software documentation of an Application Programming Interface (API). It provides stakeholders with an understanding of the structure and functionality of the service and the applicability to its implementation interface rules (policies). It gives service consumers the information necessary for consuming a particular service, and service providers the information necessary for implementing the service in a consistent and interoperable manner.
The Performance Reference Model (PRM) is a standardized framework to characterize the performance of information technology (IT) initiatives and their contribution to program performance. PRM can help produce enhanced IT performance information to improve strategic and daily decision-making; improve the alignment and contribution of IT to outputs and outcomes, thereby creating a clear "line of sight" to results; and identify performance improvement opportunities across traditional agency boundaries.
The Business Reference Model (BRM) is a function-driven framework for describing the business operations of the federal government independent of the agencies that perform them. BRM provides an organized, hierarchical construct for describing the federal government's day-to-day business operations.
On February 6, 2002, the development of a Federal Enterprise Architecture (FEA) commenced. Led by OMB, the purpose of this effort is to identify opportunities to simplify processes and unify work across the agencies and within the lines of business of the Federal Government. The outcome of this effort will be a more citizen-centered, customer focused government that maximizes technology investments to better achieve mission outcomes.
The FEA is a business-based framework for cross-agency, government-wide improvement. It provides OMB and the Federal agencies with a new way of describing, analyzing, and improving the federal government and its ability to serve the citizen.
A Business Focused Approach …
Drawing from lessons learned through unsuccessful architecture efforts in the past, the FEA is truly business-driven. As such, its foundation is a Business Reference Model
(BRM), which describes the government’s Lines of Business and its services to the citizen independent of the agencies and offices involved. This business-based foundation provides a common reference point and foundation for improvement in a variety of key areas, such as performance measurement, budget allocation, information technology (IT) redundancy elimination, cross-agency collaboration, and e-Government.
The Data and Information Reference Model (DRM) helps to describe the types of interactions and information exchanges that occur between the federal government and its various constituencies. It will categorize the government's information along general content areas specific to BRM sub functions and decompose those content areas into greater levels of detail, ultimately to data components that are common to many business processes or activities. DRM will establish a commonly understood classification for federal data and enable information sharing between agencies. A common data classification model will streamline the processes associated with information exchange, both within the federal government and between the government and its external stakeholders.
The Technical Reference Model (TRM) is a component driven, technical framework used to identify the standards, specifications, and technologies that support and enable the delivery of service components and capabilities. TRM provides a foundation to support the construction, delivery, and exchange of business and application or service components that may be used and leveraged in a Component-based or Service-oriented Architecture.
The Common Alerting Protocol (CAP) is a standard digital format for expressing the essential content of effective warning messages, regardless of the technology by which they'll be delivered. A single CAP message can be used to trigger sirens, the Emergency Alert System, Weather Radios, telephone notification systems and systems for people with special needs such as the deaf and hearing-impaired.
Click Here to read more about the Common Alerting Protocol (CAP).
All components of a Service Specification are compiled in a GRA Service Specification Package (GRA-SSP). The SSP is a portable, self-contained, and self-documented collection of service specification artifacts in .zip format. The SSP is human- and machine-readable and can be used independently or as part of a service registry and/or repository.
A federation member organization that vets individuals, collects attributes about these individuals, and maintains these attributes in an accurate and timely manner. The IDPO operates an Identity Provider (IDP), which is a software service that performs user authentication each time an individual presents himself or herself to the federation and assigns the current attributes about the individual for a given information technology session. These attributes are presented to Service Providers in the federation or on a federation-to-federation basis.
A federation member organization that provides one or more electronic information service(s) to the federation. Service Provider Organizations provide services to the federation via Service Provider, which are trusted software services. These SPs evaluate the set of Identity Provider attributes presented to them in a form that conforms to the GFIPM Web Browser User-to-System Profile [GFIPM U2S PROFILE], to determine what level of access to provide to each end user.
Information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.
A federation member organization that acts on behalf of one or more Identity Provider Organizations (IDPOs), acting as a trust bridge between those IDPOs and the Federation. A TIBO operates a Trusted Identity Broker (TIB), which is a software entity that provides the necessary cryptographic bridge and attribute translation capabilities to allow users from Identity Provider Organizations not in the Federation to access services in the Federation.