Risk
7/26/2011
02:06 PM
50%
50%

FBI Data Exchange System Now Fully Operational

The National Data Exchange system lets the agency share information with 18,000 local and regional criminal justice organizations.

Government Innovators
Slideshow: Government Innovators
(clickimage for larger view and for full slideshow)
A new system that allows the FBI to automatically share information with local, state, regional, and other law-enforcement and criminal justice partners is now fully operational.

Raytheon said it completed work on the last phase of the National Data Exchange (N-DEx) system, which allows the FBI to pass on information about criminal justice cases automatically to 200,000 investigators in more than 18,000 federal, local, state, and tribal agencies. The system also performs analysis to identify crime trends and patterns to aid in crime-prevention tactics, according to the FBI.

The completion of N-DEx is slightly behind schedule, as original plans called for it to be completed last year, according to the FBI website. Nonetheless, authorized FBI partners now can use the system to make nationwide searches for information such as incident reports and criminal incarceration records; receive notifications of similar investigations and suspects to ones they are querying; and identify hotspots for criminal activity, among other capabilities.

The system uses standards-based technology and Web services to connect multiple disparate systems and users to rapidly search and visualize FBI data about incidents and cases, the company said. The FBI awarded Raytheon the contract to build the system in 2007.

In the last phase of development, Raytheon added a set of Web services that allow users, among other things, to receive information alerts about persons of interests when new records are entered into the system.

The FBI's Criminal Justice Information Services Division (CJIS)--which also manages another key information-sharing FBI database, the National Crime Information Center (NCIC) system--is managing N-DEx. Once the system is available to all the users that are authorized to access it, the agency expects it to handle about 6 million queries a day, which is on par with the NCIC system.

FBI has been stepping up improvements to how it shares information and data with various law-enforcement organizations that need swift access to it, a task that historically has been difficult and arduous. Earlier this year it deployed a new biometric ID system aimed at creating a more effective and accurate process for identifying fingerprints and other forms of biometric information and sharing it with appropriate organizations.

Developed by Lockheed Martin, the multimillion-dollar Next Generation Identification System (NGIS) allows the FBI exchange fingerprints with more than 18,000 law-enforcement agencies and other authorized criminal-justice partners. It also provides automated fingerprint and latent search capabilities, as well as electronic image storage.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0547
Published: 2015-07-04
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0548
Published: 2015-07-04
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0551
Published: 2015-07-04
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P2...

CVE-2015-1966
Published: 2015-07-04
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers to inject arbitrary web script or HTML via a crafte...

CVE-2015-2964
Published: 2015-07-04
NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass signature verification via crafted tokens in a JSON Web Tokens (JWT) header.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report