Delivering SOLUTIONS for Secure Data Centric Services for information sharing and safeguarding
In Conversation with Mr. Michael Abramson, Founder of ASMG
How does ASMG ensure its standards and stand out from the competitor?
Increasingly, public, private and military organizations are being mandated to share information and collaborate with external agencies to deliver business/operational outcomes. This set of mandates impose an array of often conflicting sharing and safeguarding requirements: To dynamically expose or share information with selected partners; while providing adequate protection for sensitive, private, confidential, classified or legally significant information. This is further complicated by rapidly changing operational and business environments: changing partners, threats, and policy environments.
Many efforts to develop and sustain information sharing environments fall short of user expectations and operational requirements. Addressing the dynamics of real-world operations and the breadth of information sharing requirements, while at the same time protecting sensitive information have surpassed the capacity and ability of traditional information systems/services and development practices. They lack the precision, flexibility and agility to address real-world interoperability challenges.
ASMG evolved a solution developing, managing and automating information sharing and safeguarding policy, and worked through the Object Management Group to establish an industry and client consensus that can be referenced as a third party callup to an open standard, and not a product callup to our particular implementation of that standard. We of course benefit from a leadership position and having product capability.
What are the data security products and services provided by your company?
ASMG delivers the service underpinning information and safeguarding. ASMG proposes an operating concept and tools for the implementation, operation and maintenance of an Information Sharing and Safeguarding (ISS) solution that can be securely deployed to multiple data and security domains and operating environments (e.g., on-Premises, Deployed Platform, Cloud and Hybrid).
The solution delivers Data-as-a-Service (DaaS), including: Data Centric Security, Policy-Driven Data-Centric services & Integration interfaces.
ASMG proposes the implementation of a core set of services for a first SDS:
1. Semantic Processer; and Information Exchange Controller;
2. One Policy Enforcement Point (PEP) integration to the users’ middleware of choice;
3. The Policy Administration Point (PAP) to enable administration of the SDS during operations;
4. Development of a policy environment (semantic models) for a priority data domain;
5. Integration of the PPS, Firewall, Secure OS and user Data Store into a VM for deployment; and
6. Practices and procedures for operating the SDS.
All other capabilities can be evolved from that baseline configuration.
Smart Grid and cloud computing is emerging business today, how do you create, data and provide solution based on client requirements?
The IEF evolved out for a realization that many policies automation, sharing and safeguarding concepts being applied to the C4I domain equally applied to public Security and Safety, Healthcare, Government Programmes and Services, Financial Services, and more. The effort to develop standards for an Information Exchange (IE) Policy Language, IE Policy Enforcement Service and IE Policy Management Service was transferred to an OMG platform (cross domain) taskforce for development: Middleware and Related Services (MARS). The migration to MARS resulted in a re-hosting of several of its components under the Information Exchange Framework (IEF); The re-hosting of the other elements made the underlying concepts more meaningful to a broader range of communities.
The Common Object Interoperability Layer (COIL) – the intelligent agent – is a policy or rules based Secure data service. COIL provides a programmable, distributable data service which enforces architectural models which define data and information patterns (semantics) described in UML Class diagrams.
COIL implements an information exchange architecture consistent with the concepts of the Information Exchange Framework (IEF) which is being evolved by ASMG. The IEF is sponsored by Public Safety Canada and the Treasury Board Secretariat CIO, ·supported by the US Information Services Environment supports NIEM and Integrated Justice, defines the architecture framework, and ushers in message interoperability.
The IEF provides the holistic framework, within which a “target set of rules” are created to propel the organization’s information exchange activities. The instructions on creating such a ruleset have been defined already, and published as an OMG open standard, by ASMG. ASMG can normally generate these foundation information exchange policies from existing database or documented message exchanges, based on experience and in-house software.
ASMG can identify a prototype activity (demonstration) that would use a COIL like approach to manage and-or trigger a client’s information exchanges.
ASMG can demo typical information exchanges between autonomous organizations based on information content-based rules, and information exchange agreements which implement the IEF standard.
As one of the pioneers, what is the benchmark standard you want to set for the industry?
ASMG wants to set a benchmark in the Information Exchange Framework Reference Architecture
Arbitrates data from multiple sources and trigger the automated creation of a ‘message’ based on an information ‘event’ that Provides the content to a message distribution protocol agent to distribute the message.
What is the mission and vision of the company?
The Vision of the company is that ASMG can provide Leadership in the areas of Information Interoperability and Information Protection standards and solutions.
The mission of the company is to establish the capability, and pass on that capability to major players in the field as a proven and scalable architecture.
So far how was your journey? Can you brief about your Founder?
The Founder of ASMG, Mr. Michael Abramson is a senior consultant with more than 35-years of experience, comprising more than 50 projects, developing innovative information management, sharing and safeguarding solutions for public, military/security and private sector organizations. Mr. Abramson proposes a Data Centric Security Paradigm where security enforced data policy is expressed as independent of the of the infrastructure and application used to share and process that data. This has resulted in the publication of the Information Exchange Framework (IEF) at the OMG. A policy-driven data-centric solution to information sharing and safeguarding; and an open standard! In order to address the increasing levels of interoperability demanded by clients, Mr. Abramson maintains active participation in the open international standards development community – Chair C4I and IEF Working Groups at the Object Management Group; a Leading Standards Development Organization (www.omg.org); This engagement provides Mr. Abramson with up to date information on core topics to his consulting practice, including: Enterprise Architecture, System Assurance, Cloud Computing, IOT, Information Sharing and Safeguarding (ISS) and Cyber Security. Mr. Abramson is an active speaker at international conferences and standard bodies on the allocation of information sharing and safeguarding practices, standards in the areas of Cyber Security, Emergency Management, government operations, military operations, and public safety.
Mr. Abramson has contributed to or authored international standards including:
- Shared Operational Picture Exchange Services (SOPES: Authored);
- Information Exchange Packaging Policy Vocabulary (IEPPV: Authored);
- Information Exchange Framework Reference Architecture (IEF RA: Authored)
- Unified Profile for DODAF and MODAF (UPDM: Contributed).
Mr. Abramson currently Co-Chairs the Consultation, Command, Control, Communications, and Intelligence (C4I) Domain Task Forces (DTF), and the Information Exchange Framework (IEF) Working Group. While at OMG, Mr. Abramson also supports and contributes to other panels and Taskforces areas of Finance and Banking, Healthcare, Unified Architecture Profile, Middleware and Related Services, Standards Coordinating Council (SCC) and more. Through these affiliations he has champions the advancement of strategies, techniques, standards, and technologies in the area of “Policy-driven Data-centric Information Sharing and Safeguarding (IS&S). The goal is to enable broad-based intra and inter information sharing and safeguarding when delivering capability within inter-agency, intergovernmental, and international operations (eg. open data / open government initiative, programme delivery, supply-chain, national-security, cyber security, and emergency management, banking, healthcare and Regulatory Conformance).