The Blog

DoD memo aims to goose data and IT services sharing through XML, APIs

Relevant links are at the bottom of this post.

In an effort to encourage the sharing of data, information and information technology services across the Defense Department, DoD Chief Information Officer Terry Halvorsen issued a memo directing military departments, defense agencies and others to adopt standardized, machine-readable information exchange practices.

According to an Aug. 3 memo (pdf) from Halvorsen, DoD components should consider using the National Information Exchange Model, or NIEM, for all new and modernized Extensible Markup Language, or XML, information exchanges. The DoD IT Standards Registry will designate and register authoritative data sources that should be “used to the maximum extent possible to improve mission effectiveness by enabling the reuse of visible, accessible, understandable, trustworthy, and interoperable data,” says the memo.

Through the use of authoritative data sources and improved metadata tagging, information and IT services will be more visible to authorized users and easily discoverable across the network, according to the memo. Halvorsen notes that metadata standards should comply with corresponding national or international consensus standards when possible.

“A common set of standards, protocols, and interfaces will be used to enable the sharing of DoD data, information, and IT services,” says Halvorsen.

“For existing systems, high-value data and content will be made available through web application programming interfaces (APIs) and apply metadata tagging, as appropriate,” the memo adds.

The use of APIs will ease not only information sharing across DoD, but also sharing with other federal departments and mission partners, says Halvorsen.

As part of DoD’s efforts to increase information sharing, it will protect data through appropriate identity and access management mechanisms, writes Halvorsen.

“Electronic data and information intended to be shared should, at a minimum, include associated security metadata identifying its classification determination, markings, disclosure, and handling rules in order to support access control,” says the memo.

For more:
– download the memo (.pdf)

Related Articles: 
DoD implements stricter cyber incident oversights, cloud computing guidelines
DHS official touts machine-to-machine cyber threat data sharing
API security takes myriad forms