Proprietary rights statement


Odyssey's standardisation methodology



Download 1.51 Mb.
Page6/31
Date05.01.2017
Size1.51 Mb.
#7149
1   2   3   4   5   6   7   8   9   ...   31

6.1 Odyssey's standardisation methodology


Odyssey’s chosen standardisation activities process and methodology is presented below.


6.2 Potential IT Standards in Odyssey

Under the co-ordination of MIP, partners have been asked to submit possible IT standards that could be used and affected by Odyssey. This information is summarised below:



Potential Odyssey Standards

Standard Name

Type

Country or Region

Body, Organisation or Company Responsible

Brief Description

Observations

Source partner

European Criminal Intelligence Model (ECIM)

Processes and methodologies

Europe

EU

Cyclical process in the frame of investigations including the Organised Crime Threat Assessment (OCTA) findings, priority setting, intelligence collection programmes, analyses, and
targeting.

ongoing implementation

EUROPOL/MIP

NIEM

Information exchange among public bodies

USA

Partnership of the U.S. Department of Justice and the Department of Homeland Security

The National Information Exchange Model (NIEM) is designed to develop, disseminate, and support enterprise‐wide information sharing standards and processes across the whole of the justice, public safety, emergency and disaster management, intelligence, and homeland security enterprise at all levels and across all branches of government.

In the USA, under the program NIEM to the standardization of the data models has been defined N-Dex data model for crime intelligence

EUROPOL

Law Enforcement National Data Exchange (N-DEx)

crime data

USA

US Department of Justice, Office of Justice Programs

The purpose of the N-DEx IEPD is to provide law enforcement agencies documentation that lists exchange specifications to be used for the exchange of criminal justice information that is complete, accurate, and timely. It contains written documentation, schemas, instance documents, style sheet, a mapping spreadsheet, and additional documentation.

framework for the interchange of information on the Crime Intelligence, is based on NIEM standard

EUROPOL

WS-Security

Data security

Worldwide

Organization for the Advancement of Structured Information Standards (OASIS)

WS-Security (Web Services Security, short WSS) is a flexible and feature-rich extension to SOAP to apply security to Web services. It is a member of the WS-* family of web service specifications and was published by Oasis-Open.
The protocol specifies how integrity and confidentiality can be enforced on messages and allows the communication of various security token formats, such as SAML, Kerberos, and X.509. Its main focus is the use of XML Signature and XML Encryption to provide end-to-end security.

released in 2004 initially projected by VeriSign, IBM and Microsoft

MIP/ATOS

WS-Policy

Security

Worldwide

W3C

WS-Policy is a specification that allows web services to use XML to advertise their policies (on security, Quality of Service, etc.) and for web service consumers to specify their policy requirements.
WS-Policy represents a set of specifications that describe the capabilities and constraints of the security (and other business) policies on intermediaries and end points (for example, required security tokens, supported encryption algorithms, and privacy rules) and how to associate policies with services and end points.

 

MIP

TAPA Incident Information System (IIS)

Crime data

EMEA (Europe, Middle East, and Africa)

Transported Assets Protection Association (TAPA) EMEA (Europe, Middle East, and Africa)

Designed to improve the availability and the flow of information on crimes against high-technology logistics supply chains within the industry and between industry and Law Enforcement Agencies (LEAs)

TAPA’s Incident Information System (IIS) logs transportation-related theft incidents and has been available to TAPA America members in good standing since 2006

MIP

IS

Crime data

Europe

Europol

The IS provides capabilities for storing, searching, visualising and linking information related to trans-national crimes. each EU nation should provide ssw interface to exchange data into IS data model

The system supports automatic detection of possible hits between different investigations: hits can be shown in graphical overviews

EUROPOL-MIP

Info-Ex

Crime data

Europe

Europol

Europol's computerized tool for secure exchange of information and intelligence provides also intelligent search capabilities

Designed for crime analysis more that EUROPOL system IS

EUROPOL

Schengen Information System (SIS and SIS II)

Public bodies information exchange

Europe

European Union

The categories of data shall be as follows:

(a) persons reported


(b) objects and vehicles referred.
The items included in respect of persons, shall be no more than the following:
(a) name and forename, any aliases possibly registered separately; (b) any particular objective and permanent physical features; (c) first letter of second forename; (d) date and place of birth; (e) sex; (f) nationality; (g) whether the persons concerned are armed; (h) whether the persons concerned are violent; (i) reason for the report; (j) action to be taken.

Other references, in particular the data listed in Article 6, first sentence of the Council of Europe Convention of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data, shall not be authorized.



The purpose of the Schengen Information System shall be in accordance with this Convention to maintain public order and security, including State security, and to apply the provisions of this Convention relating to the movement of persons, in the territories of the Contracting Parties, using information transmitted by, the system.

MIP

Law Enforcement standards

Law Enforcement information exchange

USA

Commission on Accreditation for Law Enforcement Agencies (CALEA)

The standards address some major law enforcement subjects, among them:
• operations
• operation support
• traffic operations

There are currently 463 standards in the Law Enforcement Accreditation Program: most of the standards proposed by CALEA are not directly relate to crimes or information sharing but rather to the way that the law enforcement agencies are internally organized and what are their procedures

MIP

Office of Law Enforcement Standards (OLES)

Crime data

USA

National Institute of Standards and Technology (NIST)

OLES is in fact a set of programs that aim at developing and maintaining standards in various areas of crime studies, the most interesting for Odyssey is the Forensics Sciences area in which the Agency has provides lots of different standards for crime investigation.

NIST is agency of the US dept. of Commerce: for instance the NIST Reference Materials 8240/8250 helps firearms examiners to calibrate their instruments

MIP

IBIN Interpol Ballistic Information Network

Crime data

Worldwide (Canadian Company)

Forensic Technology Inc.

System based proprietary standard that aims at identifying the signature in the ballistics items, it was developed by Forensic Tech, the same producer of IBIS. The Interpol Ballistic Info Network (IBIN) based on a server in INTERPOL premises in Lyon allows each EU member state to share and compare ballistic data with other EU countries in the IBIN network (based on IBIS technologies)

allows the international electronic exchange and comparison of ballistics data between the 45 countries and territories which are already using the system on a national basis and other countries which will acquire the technology in the future. Used by the INTERPOL since February 2009

MIP

IBIS (Integrated Ballistic Identification System)

Ballistic data

Worldwide

Forensic Technology Inc.

system that "reads" and catalogues the bullets helping in the identification of similarities.

Some of the systems that Odyssey have been keeping track of from the beginning

ALL

NABIS

Ballistic data

GB

National Ballistic Intelligence Service

A national database for all recovered firearms and ballistic material such as complete rounds of ammunition, shell cases and projectiles. The database will also link those ballistics items to tactical intelligence recorded by the Police forces and other UK Law enforcement agencies

 

ALL

Firetyde

Ballistic data

Europe

AFTE Association of Firearms and Toolmarks Examiners

Database of Classmarks that experts use. Classmarks are the marks left on cartridge cases and bullets that an expert can use to identify the make and model of the weapon that fired it. This information can be used to narrow down potential items of evidence for comparison.

free on the web for registered users from 2007

ALL

Calibre nomenclature

Ballistic data

Worldwide

 

Each calibre has one or more identifying descriptors

Correct Calibre Nomenclature can be found in the following Reference Books: Cartridges of the World (Frank C.Barnes) published www.krause.com, Janes Ammunition Handbook published by www.Janes.com

AGS

Jena

Data handling

Worldwide

HP labs USA

Jena is a helper framework for semantic applications

 

XLAB

OWL - Web Ontology Language

Other

Worldwide

World Wide Web Consortium

Set of standards for semantic languages for representing ontologies.

 

XLAB

Protégé

Other

Worldwide

Stanford University USA

Protégé is both an editor of ontologies and a framework for knowledge bases.

 

XLAB

RUP - Rational Unified Process

Processes and methodologies

Worldwide

IBM

RUP is a general software development process guide based on iterations and adaptability.

 

XLAB

SPARQL

Data access

Worldwide

World Wide Web Consortium

Semantic query language for RDF

 

XLAB

SQL

Data access

Worldwide

ISO-ANSI

Structured Query Language is the most widely spread standard for the interaction with relational databases.

 

XLAB

TDD Test Driven Development

Processes and methodologies

Worldwide

--

Software development practice that defines a set of tests the system must pass before the beginning of the development of the software proper.

 

XLAB

CALIBER

Calibre identification

Worldwide

AFTE Association of Firearms and Toolmarks Examiners

Database to determine the calibre of a cartridge case from simple measurements, including the possibility to determine a standardized calibre name.

available free on web from 2007 for registered users

MIP

SOAP

Communication

Worldwide

World Wide Web Consortium

The Simple Object Access Protocol (SOAP) is a protocol specification for exchanging structured information in the implementation of Web Services in computer networks. It relies on extensible Markup Language (XML) as its message format, and usually relies on other Application Layer protocols (most notably Remote Procedure Call (RPC) and HTTP) for message negotiation and transmission. SOAP can form the foundation layer of a web services protocol stack, providing a basic messaging framework upon which web services can be built.

 

ATOS

XML signature

Security

Worldwide

World Wide Web Consortium

XML Signature (also called XMLDsig, XML-DSig, XML-Sig) is a W3C recommendation that defines an XML syntax for digital signatures. Functionally, it has much in common with PKCS#7 but is more extensible and geared towards signing XML documents. It is used by various Web technologies such as SOAP, SAML, and others. XML signatures can be used to sign data-a resource-of any type, typically XML documents, but anything that is accessible via a URL can be signed. An XML signature used to sign a resource outside its containing XML document is called a detached signature; if it is used to sign some part of its containing document, it is called an enveloped signature; if it contains the signed data within itself it is called an enveloping signature.

 

ATOS

XML-Encryption

Security

Worldwide

World Wide Web Consortium

XML Encryption, also known as XML-Enc, is a specification, governed by a W3C recommendation that defines how to encrypt the contents of an XML element. Although XML Encryption can be used to encrypt any kind of data, it is nonetheless known as "XML Encryption" because an XML element (either an EncryptedData or EncryptedKey element) contains or refers to the cipher text, keying information, and algorithms. Both XML Signature and XML Encryption use the KeyInfo element, which appears as the child of a SignedInfo, EncryptedData, or EncryptedKey element and provides information to a recipient about what keying material to use in validating a signature or decrypting encrypted data.

 

ATOS

X.509

Security

worldwide

The Telecommunication Standardization Sector (ITU-T) coordinates standards for telecommunications on behalf of the International Telecommunication Union (ITU).

X.509 is an ITU-T standard for a public key infrastructure (PKI) for single sign-on (SSO) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.

 

ATOS

XKMS

Security

Worldwide

World Wide Web Consortium

XML Key Management Specification (XKMS) uses the web services framework to make it easier for developers to secure inter-application communication using public key infrastructure (PKI). XML Key Management Specification is a protocol developed by W3C which describes the distribution and registration of public keys. Services can access an XKMS compliant server in order to receive updated key information for encryption and authentication.

 

ATOS

PKCS (Public-Key Cryptography Standards)

Security

Worldwide

RSA laboratories

The Public-Key Cryptography Standards are specifications produced by RSA Laboratories in cooperation with secure systems developers worldwide for the purpose of accelerating the deployment of public-key cryptography. First published in 1991 as a result of meetings with a small group of early adopters of public-key technology, the PKCS documents have become widely referenced and implemented. Contributions from the PKCS series have become part of many formal and de facto standards, including ANSI X9 documents, PKIX, SET, S/MIME, and SSL.

 

ATOS

TripleDES

Security

Worldwide

National Institute of Standards and Technology (NIST).

TripleDES is the common name for the Triple Data Encryption Algorithm (TDEA. Triple DES is a minor variation of the Data Encryption Standard (DES), developed by an IBM team around 1974 and adopted as a national standard in 1977. It is three times slower than regular DES but can be billions of times more secure if used properly. Triple DES enjoys much wider use than DES because DES is so easy to break with today's rapidly advancing technology.

 

ATOS

Guidance on management of police information

Crime information management processes

England, Wales, Northern Ireland

NPIA National Policing Improvement Agency

Framework for management of police information, from collection to sharing, review, retention and disposal

 

AGS

ISO Guidance for CSI investigations

Crime scene investigation

Europe

EA (European Cooperation for Accreditation + ENFSI (European Network of Forensic Science Institutes)

Guidance for the implementation of ISO/ IEC 17020 in the field of crime scene investigation

 

NYP

AFTE theory of identification

Ballistic data

Worldwide

AFTE Association of Firearms and Toolmarks Examiners

Standard for firearms identification: Identification is made when the "Expert" is satisfied there is a sufficient agreement of matching stria, damages, marks which are in his opinion unique. It is based on three Identification principles, one of which states that the identification decision is taken on a subjective basis, grounded on examiner's experience

 

AGS/RMA

NIM (National Intelligence Model)

Crime

UK

Home Office

Standard for intelligence gathering process and in general investigation process (from starting event to solution and operational review)

 

NYP





Download 1.51 Mb.

Share with your friends:
1   2   3   4   5   6   7   8   9   ...   31




The database is protected by copyright ©ininet.org 2024
send message

    Main page