Department of Defense Net-Centric Services Strategy: Strategy for a Net-Centric, Service Oriented DoD Enterprise The DoD NCSS builds upon the DoD Net-Centric Data Strategy’s (May 2003) goals of making data assets visible, accessible, and understandable. This strategy establishes services as the preferred means by which data producers and capability providers can make their data assets and capabilities available across the DoD and beyond. It also establishes services as the preferred means by which consumers can access and use these data assets and capabilities. The Department of Defense (DoD) Net-Centric Services Strategy (NCSS) reflects the DoD’s recognition that this service oriented approach can result in an explosion of capabilities for our warfighters and decision makers, thereby increasing operational effectiveness. A service oriented approach can accelerate the DoD’s ongoing effort to achieve net-centric operations by ensuring that our warfighters receive the right information, from trusted and accurate sources, when and where it is needed. Department of Defense DoD _8cbf4c06-acba-11df-868f-560c7a64ea2a John S. Grimes DoD Chief Information Officer, Assistant Secretary of Defense for Networks and Information Integration The DoD’s vision is to establish a Net-Centric Environment (NCE) that increasingly leverages shared services and Service Oriented Architecture (SOA) that are: Supported by the required use of a single set of common standards, rules, and shared secure infrastructure provided by the Enterprise Information Environment Mission Area (EIEMA); Populated with appropriately secure mission and business services provided and used by each Mission Area; Governed by a cross-Mission Area board, which is chaired by the DoD Chief Information Officer (CIO); Managed by Global Information Grid (GIG) NetOps. _8cbf5020-acba-11df-868f-560c7a64ea2a This document describes the Department of Defense’s (DoD’s) vision for establishing a Net-Centric Environment (NCE) that increasingly leverages shared services and Service Oriented Architecture (SOA). _8cbf5138-acba-11df-868f-560c7a64ea2a Provide Services Make information and functional capabilities available as appropriately secure services on the network. _8cbf520a-acba-11df-868f-560c7a64ea2a 1 Users create services on the network to share information and to provide functional capabilities. These services are discoverable and can be accessed and used by authorized consumers in the enterprise. Services can be built or acquired in different ways, and in each case the following actions must be performed— Provide a description of the service and publish it to an enterprise service registry Build, appropriately secure, and operate the service Manage the performance and lifecycle of the service. Mission and Business Services Provide Mission and Business Services _8cbf52dc-acba-11df-868f-560c7a64ea2a 1.1 DoD Business Areas Warfighters The Business, Warfighting, DoD Intelligence, and Enterprise Information Environment Mission Areas will define the mission and business processes and the specific information and functional capabilities that support them. As the NCE evolves, users will provide their information and functional capabilities to the enterprise as services. These services may be implemented by modifying and re-using existing IT systems or through new developments. 92cd2036-2671-4367-aad8-22f9e25da872 da1b2b2c-c22c-443c-bbdf-6bc7bb993b13 Enterprise Services Provide Core Enterprise Services (CES) _8cbf53c2-acba-11df-868f-560c7a64ea2a 1.2 Core Enterprise Services (CES) are a small set of services provided by the EIEMA. Some of the CES services will be centrally provided on behalf of the DoD while others might involve local provisioning. For locally provisioned services, EIEMA provides guidance to ensure consistent implementation throughout the DoD. be37d5bb-5ced-47ce-886d-b63e34d9f89f 3cc05302-ca65-46fd-b90c-7f86270f37b1 Visibility Make Services Visible _8cbf54a8-acba-11df-868f-560c7a64ea2a 1.3 Providers of services must register their services in the enterprise service registry (i.e., publish the metadata describing their services) to ensure that potential users will be able to discover the service. The enterprise-wide service registry will enable all users in the enterprise to find and understand what services already exist, thus facilitating reuse and avoiding investment in the creation of new capabilities. c9eb45a9-8865-42e2-ab7b-339eea7d3b1d ea0501ad-4382-422c-8402-34a041180a9b Accessibility Make Services Accessible _8cbf55e8-acba-11df-868f-560c7a64ea2a 1.4 Users must not only have the ability to discover services, but must also be able to access them in a timely, secure, and effective manner. Service accessibility is controlled by security mechanisms that determine access roles and rules. Decisions on service accessibility are made and implemented by the organizations providing the service based on a variety of factors. However, service providers must use the core security services provided by the EIEMA to ensure that widest possible access is supported. e9792773-b078-4295-8779-37b933e1f50e 57a3b8a6-de0c-4361-91b7-85c45e6f4c7c Understandability Make Services Understandable _8cbf56ce-acba-11df-868f-560c7a64ea2a 1.5 Providers of services must use a common set of service description information to enable consistent discovery by users throughout the enterprise. A Service Specification Template (SST) will serve as the common model for providing service description information. The SST will capture, at a minimum, the following information about a service: What the service does How users can access the service Which security mechanisms or restrictions apply to the service Various points of contact for the service (e.g., the name, contact information for the service provider) Service-level characteristics Performance information. In addition to descriptive information about services, Communities of Interest (COIs) will define the vocabularies and business rules that underlie the implementation of services. This will help ensure that the inputs and outputs for a service are well-understood and consistent within a functional community (e.g., all services that provide satellite situational awareness will use consistent terminology and rules for providing information back to users). Key Action: 1. Execute PDM-III Core Services Recommendations. Outcome: Expedite delivery of the CES that constitute the common, shared secure infrastructure of the net-centric services vision. 83b6a752-1cd0-4c41-b294-7883c09539bf 8ee95d4f-d210-4a17-9869-f2a909ada41a Use Services Use existing services to satisfy mission needs before creating duplicative capabilities. _8cbf57b4-acba-11df-868f-560c7a64ea2a 2 Warfighters Analysts Operators Developers The first preference of users (i.e. warfighters, analyst/operators, developers) is to use existing services to satisfy mission needs. Common Practice Use Services as a Common Practice _8cbf5962-acba-11df-868f-560c7a64ea2a 2.1 Users recognize the value of information and capabilities that can be found on the network. Accordingly, existing services can be used to obtain information to support decision making processes and to execute various aspects of the warfighter and analyst missions. Developers will construct new business/mission processes by using or modifying existing services provided by Mission Areas before promoting investments in new services and systems. All users will then provide feedback (i.e., details concerning the perceived value, performance, usability) on the various services they use. Key Action: Establish a business process and model for provision and use of services. Outcome: Promote the funding, acquisition, creation, management, and use of services through changes to DoD decision support processes (e.g., JCIDS, DAS, PPBE, PfM) abb9dcaf-12d3-4adc-b3ad-2dde9cd288e8 d36456de-bc2f-4bfb-a709-b6233129dc4e CES Use CES _8cbf5a7a-acba-11df-868f-560c7a64ea2a 2.2 The DoD CIO will mandate the use of some CES as they mature. Their use is mandated to enable networked joint force capabilities, improved interoperability, and increased information sharing across Mission Area services. Key Action: Develop education and training on services and SOA. Outcome: Awareness and understanding of services and SOA principles will increase through the use of institutional educational resources (e.g., DAU, NDU Information Resources Management College) e911a80b-634c-4e7b-95ac-fddb2b1a6fb3 e96eaa12-d616-46ad-a327-1ff7c646f7c2 Govern the Infrastructure and Services Establish the policies and processes for a single set of common standards, rules, and shared secure infrastructure and services throughout the DoD Enterprise to ensure interoperability. _8cbf5b88-acba-11df-868f-560c7a64ea2a 3 Governance means establishing and enforcing how DoD Components and mission partners, on behalf of the Mission Areas, agree to provide, secure, use, and operate services. There are three elements to governance: 1. Identifying the attributes for providing, securing, using, and operating services that have to be governed and what level of governance is required 2. Establishing lines of responsibility, authority, and communication for making decisions about services across the lifecycle of services 3. Establishing the measurement, policy, and incentive/control mechanisms to ensure that individuals and organizations carry out their responsibilities. Governance of a single set of common standards, rules, shared secure infrastructure, and services throughout the DoD Enterprise requires governance at various levels in the DoD. This layered approach is analogous to the approach used to govern sports leagues. In a sporting league, each team maintains its own governance (e.g., training regime, coaching, concessions, and some elements of the venue); however, when teams compete, there is a set of rules and responsibilities that all teams agree to follow (i.e., specifics of the field of play and permissible equipment to ensure a fair competition). Similarly, under the net-centric services vision, each DoD Component or program will maintain its own governance for things such as commercial middleware choices or contract management; however, when services are shared, the provisioning, securing, use, and operation will be governed in accordance with an additional set of attributes. It is the intent of the DoD CIO to develop an enterprise governance process and to limit enterprise governance to those attributes critical to the realization of interoperable, shared services throughout the DoD and mission partners. There will be specific capabilities that require additional governance. One specific example is an enterprise capability delivered through a federation of services; in other words, a federated capability. In this strategy, a federated capability is defined as one that has the following characteristics: It is implemented using information sources or capabilities from a variety of service providers who are distributed across the enterprise and All service providers contributing to the federated capability agree to the definition of the service (i.e., the functionality being provided), the service interfaces, the service security properties, the semantics and structure of its payload, and the operational performance characteristics. The additional governance required by the federation of services is defined by, agreed to, and mutually enforced by the distributed set of providers across the enterprise. The Enterprise White Pages is a specific example of a federated capability. Each of the DoD Components and mission partners maintains an authoritative directory of users who will become part of the federation. Each member of the federation participates in defining the service interfaces, data items, and data quality for the directory, and enforces those definitions locally. As a result of this federation, users on the GIG will be able to search for locator information on any individual in the GIG. The DoD CIO will govern the use of federation in the DoD Enterprise services environment to ensure that the various federation management models are consistently applied and understood. Key Action: Update appropriate policies and provide implementation guidance to codify use of services and SOA. Outcome: Establish DoD services and SOA governance through policy and guidance (e.g., DoDD 8100.1 and DoDD 8115.1; GIG Architecture Framework; Net-Centric Implementation Documents) Governance Forums Establish Appropriate Governance Forums _8cbf5caa-acba-11df-868f-560c7a64ea2a 3.1 Governance forums will be required at various levels across the DoD Enterprise and with mission partners. To achieve this net-centric services vision, governance will have to be implemented at the DoD Component, Mission Area, Enterprise and external partner level. The elements of governance at each of these levels will need to be defined and coordinated to ensure appropriate attention without unnecessarily limiting agility. a5821b49-445d-4d1d-a3f5-d113b7466c0e 1e1c4d36-15b5-4922-9fa2-ad7904d81d63 Trustworthiness Enable Services to be Trusted _8cbf5e08-acba-11df-868f-560c7a64ea2a 3.2 A range of mechanisms enables the trusted use of services from many different providers. The SST and registries provide means of delivering validated information on the identity of providers and the capability of their services to both anticipated and unanticipated consumers. Services will be published in the registry with stipulation of the specific performance and security characteristics as described in the SST. Users with appropriate and authenticated credentials will be able to use registered services under those published terms. In other cases, depending on the criticality of the mission, users of the services may need to negotiate specific performance guarantees in service level agreements (SLAs). 33f7a59a-9a5c-4718-99ab-fdc90b5f5b64 e5e9d5ab-8be4-4d30-b979-1bd64462b45c Decision Support and Portfolio Management Integrate Service and SOA Enablers into Decision Support and Portfolio Management Processes _8cbf5f66-acba-11df-868f-560c7a64ea2a 3.3 It is critical that the DoD’s key processes support the services lifecycle in the Enterprise. This includes acquisition, testing, certification, accreditation, and portfolio management. The DoD CIO will work closely with the decision support process owners to adjust and enhance their processes to support the development of shared secure services, encourage the use of existing services, and to help guide programs and architects in developing services that are aligned with the business processes and activities necessary to carrying out their missions. Portfolio managers will continually assess the use of services and adherence to COI-defined vocabularies and business rules in executing mission and business processes. The DoD’s tools and processes will be updated to support services and SOA constructs. 8a25f342-9501-4f4b-b1fb-e1c7725df9a0 98e5231a-e27b-41c3-8422-5d199487671d Monitor and Manage Services via GIG NetOps Implement services in accordance with DoD’s GIG NetOps Strategy and concept of operations to ensure situational awareness of the NCE. _8cbf60d8-acba-11df-868f-560c7a64ea2a 4 As services are used across the Enterprise, consumers must know if services cease to function, are no longer available, do not operate as described, or have changed. SLAs must be defined to describe the reliability and performance of services to consumers. In addition, service providers must be monitored to ensure that they are meeting SLAs. All services must be implemented in accordance with the DoD’s GIG NetOps Strategy and concept of operations. Service providers must provide visibility into the real-time operational status and performance of their services against service-level agreements associated with their use. GIG NetOps, through its federated construct, is also responsible to manage service operations to ensure the NCE is protected, that service security is not compromised, and that priorities are maintained for critical mission services. _8cbf6268-acba-11df-868f-560c7a64ea2a 153eda8f-8a89-4c84-8e1e-fd597464f4d4 07c5d7e8-d125-4c07-9b95-a20f9a1fb551 2007-05-04 2010-08-20 http://cio-nii.defense.gov/docs/Services_Strategy.pdf Owen Ambur Owen.Ambur@verizon.net Submit error.