SECTION 1

INTRODUCTION

1.1 BACKGROUND

Over the past several years, the Department of Defense (DOD) Intelligence Information System (DODIIS) community has jointly developed and benefited from a standard core of common intelligence processing systems. These systems have served the community well; however, many are reaching the end of their effective life cycle. DODIIS now must strive to maximize capabilities as a community. The DODIIS community must consider future development efforts as common development efforts. The concept of building common capabilities will reduce the cost of developing intelligence capabilities. DODIIS is also striving to incorporate as much commercial off-the-shelf (COTS) software as practicable to reduce software development and operations and maintenance (O& M) costs. In order for these types of common efforts to succeed, DODIIS must have a consistent standards-based architecture across the community.

1.2 PURPOSE AND OBJECTIVES

The purpose of the DODIIS Profile is to provide guidance to the DODIIS program and to individuals responsible for the procurement of hardware and software concerning the upgrade of existing intelligence capabilities and the implementation of new capabilities at DODIIS sites. Systems implemented in accordance with the DODIIS Profile will support the following DODIIS objectives [1] :

• Improve User Productivity by providing a consistent user interface, integrating applications within the work environment, and assuring access to all required data
• Improve Development Efficiency by developing common applications centrally, establishing a standards-based common infrastructure, maximizing use of COTS products, and promoting software reuse and resource sharing
• Improve Interoperability by developing a common communications and computing infrastructure, and implementing standards-based products to achieve vendor independence
• Improve Portability and Scalability by developing portable and configurable applications
• Reduce Life-Cycle Costs by increasing the use of shared resources through implementation of a common infrastructure, reducing software maintenance costs through the use of COTS, Government off- the-shelf (GOTS), and reusable code, and reducing training costs through implementation of a standard user interface
• Improve Security by implementing uniform security policy, a consistent security interface, common security mechanisms across DODIIS, and aligning the DODIIS security architecture with that which is defined in Volume 6 of the DOD Technical Architecture Framework for Information Management (TAFIM), DOD Goal Security Architecture.

1.3 Scope

The DODIIS Profile applies to upgrades of any DODIIS site hardware and software. An upgrade may be a complete change of the system at a site or be limited to selective modifications of existing systems at a site. The Military Services and commands are encouraged to apply the DODIIS Profile to lower echelons to ensure conformity across the DODIIS community. Another natural extension of the DODIIS Profile is to deployed tactical systems that interface with strategic DODIIS systems. However, interoperability with tactical systems is not fully addressed in this version of the DODIIS Profile. Subsequent versions will address tactical systems interconnectivity.

1.4 Approach

To address increasing interest and effort in the government in the area of information system standards, the Center for Information Management (CIM) of the Defense Information Systems Agency (DISA) has developed the Technical Reference Model for Information Management. Version 1.3 of the CIM Technical Reference Model, dated 31 December 1992, adopts the foundation work in the Institute of Electrical and Electronics Engineers (IEEE) Draft Guide to the POSIX (Portable Operating System Interface for Computer Environments) Open System Environment (P1003.0). The POSIX Guide provides an overview of open system concepts and their application, presents a reference model that defines system elements and key interfaces involved in application portability and system interoperability, and describes the services offered across these interfaces.

The CIM Technical Reference Model was integrated into the Technical Architecture Framework for Information Management as Volume 2, the Technical Reference Model and Standards Profile Summary . The TAFIM Version 2.0, published as a draft on 1 November 1993, provides enterprise-level guidance for the acquisition, development and support of DOD information systems and associated infrastructure systems. Volume 7 of the TAFIM, Adopted Information Technology Standards (AITS), provides a consolidated listing the DOD's adopted information technology standards. The AITS Version 2.0, published 2 August 1994, is the definitive set of information technology standards to be used in the DOD. The objective of the AITS is to provide consistent standards guidance across the Enterprise, Mission, Function, and Application levels of the DOD Integration Model. The structure of the AITS is aligned with the DOD Technical Reference Model. However, the AITS extends beyond the architectural goal structure of Volume 2 of the TAFIM to address additional Base Service Areas encompassing other standards outside the scope of the Technical Reference Model (e.g., process standards).

The DODIIS Profile, which uses the Technical Reference Model in Volume 2 of the TAFIM and the AITS in Volume 7, as a baseline, is intended to promote interoperability and portability throughout the DODIIS community. As such, the DODIIS Profile not only adopts the standards and specifications identified in the TAFIM that are appropriate to the DODIIS community, but also presents product selection guidelines for areas which are needed within DODIIS but are either outside the scope of the TAFIM or simply have not yet been addressed by the DOD system architects. In alignment with the TAFIM (and its DOD Technical Reference Model and AITS), the DODIIS Profile will evolve over time as new technologies and standards continue to emerge.

Also closely related to the DODIIS Profile is the DODIIS Client Server Environment (CSE) Integration Compliance Specification , dated 30 July 1994. The CSE Specification extends the DODIIS Profile to an acquisition/implementation level, acting as the bridge between the DODIIS Profile and site plans for upgrading their automated information systems. In particular, the CSE Specification defines the requirements of a common environment within which intelligence applications can be developed and operated with a minimum of duplicative functionality, a maximum of shared resources, and interoperability of information and functions. All future activities to update the CSE specification will adhere to the guidance provided in the DODIIS Profile.

Other documents closely related to the DODIIS Profile are the following documents which provide technical guidance for the DODIIS Migration System developers:

• Technical Architecture: The DODIIS Technical Architecture and Framework, September 1994, is the umbrella document that describes the components of the DODIIS Client Server Computing Environment and the high-level capabilities provided by each component.
• Infrastructure: Common System Services - DODIIS has implemented a standard set of system services for the client server-based environment through the DODIIS Client Server Environment (CSE) System Services (CSE-SS) implementation effort. These requirements are being implemented incrementally and are specified in DODIIS Client Server Environment System Services Requirements, February 1994. CSE-SS Version 1.2 and subsequent releases are to be used by Migration System developers during the re-engineering of applications.
• Integration Compliance: The DODIIS CSE Integration Compliance Specification, July 1994, specifies the requirements that applications must meet in order to successfully integrate into the DODIIS CSE- SS.
• Network: The DODIIS Network CONOPS and supporting documentation provides the network management and operational concept and supporting commercial products that will be used to manage the global network and provide global network services. Requirements for sites are also discussed and addressed.
• Security: The CSE Task Manager for Security has published DODIIS Security Architecture and Guidance (SAGD), September 1994, that discusses the future security approach for the community and provides minimum requirements for a client server computing environment.

To be consistent with the terminology used in the DOD Technical Reference Model and POSIX Guide, the DODIIS Reference Model (DRM) for the 1990s was changed to the DODIIS Profile of the DOD Technical Reference Model for Information Managementin 1993. The DRM was first published in October 1991. A draft revision was published in December 1992 to identify applicable security services and security standards. A formal revision was published in 1993. This 1995 revision updates the 1993 version of the DODIIS Profile.

1.5 Architecture Overview

Figure 1-1 depicts the following five basic elements of the generic DOD Technical Reference Model:

1. Application Software Entity
2. Application Program Interface (API)
3. Application Platform Entity
4. External Environment Interface (EEI)
5. External Environment

Figure 1-2 expands upon and tailors figure 1-1 to present the DODIIS Profile entities and interfaces. Note that figure 1-2 includes the service areas provided by the Application Platform and the addition of a Data Architecture entity. It is also important to point out that figure 1-2 only depicts entities, interfaces, and service areas, without implying interrelationships among the service areas. The remainder of this section provides brief descriptions of the elements of the DODIIS Profile. In terms of defining standards and presenting system implementation guidelines, however, the current version of the DODIIS Profile primarily addresses the Application Software Entity and Application Platform Entity.

In the DODIIS Profile, the term "data" refers to all types of information stored and used within the DODIIS community. In particular, data is defined to include the following types of information (see section 3.1 for a further discussion of the DODIIS data architecture):

Data consists of structured alphanumeric data; free-format text (record message traffic, wire service reports, documents, electronic mail, publications); graphics (illustration, drawings, charts, briefings, terrain data, visualizations); maps (analog and digital); imagery (photographs and other images); audio (voice, teleconferences, radio broadcasts, other recording); video (still and full motion, video recordings, teleconferences, and news broadcasts); and rule data (for expert systems)

Figure 1-1. Basic Elements of the DOD Technical Reference Model

1.5.1 Application Software Entity

Application Software is defined to be a set of instructions that operates on data. DODIIS applications are divided into support applications and intelligence applications. A common set of support applications forms the basis for the development of intelligence applications. In turn, intelligence applications should be designed and developed to utilize this set of common support applications to the maximum extent possible. Support and intelligence applications can be described as follows:

Figure 1- 2. The DODIIS Profile

• Support Applications Support Applications are common applications (e.g., word processing, spreadsheets, electronic mail) that can be standardized across individual or multiple intelligence areas. The services they provide can be used to develop intelligence specific applications and can be made directly available to the user. See section 3.2 for details.
• Intelligence Applications. Intelligence Applications support particular intelligence needs (e.g., IMINT, COMINT). The application software can be COTS, GOTS, custom- developed, or a combination of all of these. See section 3.3 for details.

1.5.2 Application Program Interface (API)

The Application Program Interface (API) serves a two-fold purpose: primarily as the interface between the application software and the application platform across which all services are provided, and secondarily as a means for platform services to directly access data. It is defined primarily in support of application portability, but system and application software interoperability are also supported via the communication services API and the information services API. The API specifies a complete interface between the application and the underlying application platform and may be divided into the following groups:

• System Services API includes APIs for Software Engineering Services and Operating System Services
• Communications Services API includes APIs for Network Services
• Information Services API includes APIs for Data Management Services and Data Interchange Services
• Human/Computer Interaction Services API includes APIs for Human/Computer Interface Services and Multimedia Services

The first API group, System Services, is required to provide access to services associated with the application platform internal resources. The last three API groups (Communication Services, Information Services, and Human/Computer Interaction Services) are required to provide the application software with access to services associated with each of the external environment entities. APIs for Security Services and System Management Services are included among all groups where applicable.

1.5.3 Application Platform Entity

The Application Platform is defined as the set of hardware and software resources that support the services on which application software will run. It provides services at its interfaces that make the implementation- specific characteristics of the platform transparent to the application software. Examples of Application Platform elements are an operating system kernel, a real time monitor program, and all hardware and peripheral drivers.

In order to ensure system integrity and consistency, application software entities competing for application platform resources must access all resources via service requests across the API. The application platform concept does not imply or constrain any specific implementation beyond the basic requirement to supply services at the interfaces. For example, the platform might be a single processor shared by a group of applications, or it might be a large distributed system with each application dedicated to a single processor. Also, DODIIS Profile guidelines do not specify any vendor-specific hardware platform. Hardware independence is achieved through the judicious specification of standards which promote portability and interoperability of the software products that are acquired for and developed by the DODIIS community.

System processing within a DODIIS site is primarily performed on a networked collection of workstations and servers. With respect to the DODIIS Profile, the term workstation refers to any device the user interacts with, including: 1) high performance workstations that may be configured with such items as mathematics and graphics co-processors, video and image compression cards, significant amounts of magnetic and/or optical storage, and high performance central processing units (CPUs); and 2) low end workstations, which are primarily used to access applications across a network, but are also capable of supporting a limited amount of local processing. Normally, mainframes or minicomputers will be used for server platforms, but in some instances workstations will also perform server functions (e.g., file sharing, network communications, or security management). Although support for existing applications requires that mainframes continue to be used to host large data applications in a terminal-oriented way, the DODIIS objective is to migrate to a distributed client server architecture.

The client server model affords a wide range of flexibility in configuring the server and workstation components, because the configuration of data repositories and processes may be localized, distributed, or remote, based upon site specific needs. The various components of the DODIIS Profile have well defined standard interfaces which foster applications interoperability and portability. DODIIS sites have a wide range of flexibility in selecting workstations and servers, as long as the configuration selected complies with the DODIIS Profile standard interfaces and application programming interfaces. Therefore, the selection and sizing of server and workstation components is, for the most part, site specific, aside from security considerations and application specific resource constraints.

In the DODIIS Profile, the Application Platform provides the following services to the Application Software and External Environment, through the Application Program Interface and External Environment Interface. (Section 2 contains further discussions of the services listed below.)

• Software Engineering Services. Software engineering services provide the basic syntax and semantic definition for use by a software developer to describe the desired application software function. See section 2.1 for details.
• Human/Computer Interface Services. Human/computer interface services define how users may interact with an application, within the context of the User Interface System Reference Model (UISRM) developed by the National Institute of Standards and Technology (NIST). Also part of this service area are the graphical user interface (GUI), which provides a user-friendly interface, and the style guides, which provide consistency in human/computer interface across applications and platforms. See section 2.2 for details.
• Data Management Services. Data management services provide access to and modification of data and metadata, regardless of its location (local or remote). See section 2.3 for details.
• Data Interchange Services. Data interchange services provide specialized support for the interchange of data between applications, independent of the platform(s) where the applications reside. See section 2.4 for details.
• Multimedia Services. Multimedia services provide functions required for creating and manipulating data, independent of the platform(s) involved. See section 2.5 for details.
• Network Services. Network services support distributed applications requiring access to distributed data, applications interoperability, and user-to-user information exchanges in homogeneous or heterogeneous networked environments. See section 2.6 for details.
• Operating System Services. Operating system services are the core services needed to operate and administer the application platform and provide an interface between the application software and the platform. See section 2.7 for details.
• Security Services. Security services are integrated within each service area and pervade these areas in one or more forms. See section 2.8 for details.
• System Management Services. Like security services, system management services pervade all the other service areas. Work is still in progress to define comprehensive standards within this area. See section 2.9 for details.

1.5.4 External Environment Interface (EEI)

The External Environment Interface (EEI) is the interface between the application platform and the external environment across which information is exchanged. It is defined primarily in support of system and application software interoperability. User and data portability are directly provided by the EEI, but application software portability is also indirectly supported by reference to common concepts linking specifications at both interfaces. The EEI specifies a complete interface between the application platform and the underlying external environment, and may be divided into the following groups:

• Human/Computer Interaction Services EEI. This EEI is the boundary across which physical interaction between the user and the application platform takes place. Examples of this type of interface include CRT displays, keyboard, mice, and audio input/output devices. Standardization at this interface will allow users to access the services of compliant systems without costly retraining.
• Information Services EEI. This EEI defines a boundary across which external, persistent storage service is provided, where only the format and syntax is required to be specified for data portability and interoperability.
• Communication Services EEI. This EEI provides access to services for interaction between internal application software entities and application platform external entities, such as application software entities on other application platforms, external data transport facilities, and devices. The services provided are those where protocol state, syntax, and format must be standardized for application interoperability.

1.5.5 External Environment

The External Environment contains the external entities with which the application platform exchanges information. These entities are classified into the general categories of users, information interchange entities, and communications entities. Users are not further classified, but are treated as an abstract, or average, person. Information interchange entities include, for example, removable disk packs, floppy disk, and security badges. Communications entities include telephone lines, local area networks, packet switching equipment, radios, and satellites.

1.6 DOCUMENT ORGANIZATION

The DODIIS Profile is divided into four sections, three appendices, a bibliography, a glossary and an index. Section 2 describes the services and standards adopted in the DODIIS Profile. Section 3 describes the Data Architecture and Application Software Entity of the DODIIS Profile. Section 4 provides information on the DODIIS Profile update procedures. Appendix A describes the User Interface System Reference Model (UISRM) developed by the National Institute of Standards and Technology (NIST). Appendix B provides information on each of the POSIX standards committees. Appendix C provides a mapping between DOD Network Service standards and Internet standards. The bibliography contains the applicable standards publications used in selecting the standards for the DODIIS Profile. The glossary defines the acronyms used in this document, and the index provides section references for the standards and specification defined in section 2 .

[Footnote 1]

For a detailed discussion of the objectives, refer to the Volume 2, Technical Reference Model and Standards Profile Summary of the DOD Technical Architecture For Information Management (TAFIM), as the objectives of the DODIIS are consistent with those identified in the TAFIM.