02:06 PM

FBI Data Exchange System Now Fully Operational

The National Data Exchange system lets the agency share information with 18,000 local and regional criminal justice organizations.

Government Innovators
Slideshow: Government Innovators
(clickimage for larger view and for full slideshow)
A new system that allows the FBI to automatically share information with local, state, regional, and other law-enforcement and criminal justice partners is now fully operational.

Raytheon said it completed work on the last phase of the National Data Exchange (N-DEx) system, which allows the FBI to pass on information about criminal justice cases automatically to 200,000 investigators in more than 18,000 federal, local, state, and tribal agencies. The system also performs analysis to identify crime trends and patterns to aid in crime-prevention tactics, according to the FBI.

The completion of N-DEx is slightly behind schedule, as original plans called for it to be completed last year, according to the FBI website. Nonetheless, authorized FBI partners now can use the system to make nationwide searches for information such as incident reports and criminal incarceration records; receive notifications of similar investigations and suspects to ones they are querying; and identify hotspots for criminal activity, among other capabilities.

The system uses standards-based technology and Web services to connect multiple disparate systems and users to rapidly search and visualize FBI data about incidents and cases, the company said. The FBI awarded Raytheon the contract to build the system in 2007.

In the last phase of development, Raytheon added a set of Web services that allow users, among other things, to receive information alerts about persons of interests when new records are entered into the system.

The FBI's Criminal Justice Information Services Division (CJIS)--which also manages another key information-sharing FBI database, the National Crime Information Center (NCIC) system--is managing N-DEx. Once the system is available to all the users that are authorized to access it, the agency expects it to handle about 6 million queries a day, which is on par with the NCIC system.

FBI has been stepping up improvements to how it shares information and data with various law-enforcement organizations that need swift access to it, a task that historically has been difficult and arduous. Earlier this year it deployed a new biometric ID system aimed at creating a more effective and accurate process for identifying fingerprints and other forms of biometric information and sharing it with appropriate organizations.

Developed by Lockheed Martin, the multimillion-dollar Next Generation Identification System (NGIS) allows the FBI exchange fingerprints with more than 18,000 law-enforcement agencies and other authorized criminal-justice partners. It also provides automated fingerprint and latent search capabilities, as well as electronic image storage.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Tech Digest September 7, 2015
Some security flaws go beyond simple app vulnerabilities. Have you checked for these?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-05
system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.

Published: 2015-10-05
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate ...

Published: 2015-10-05
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetin...

Published: 2015-10-05
Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse.

Published: 2015-10-05
Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an attachment to a new ticket, then accessing it via a direct request to the file in files/_tmp/.

Dark Reading Radio
Archived Dark Reading Radio
What can the information security industry do to solve the IoT security problem? Learn more and join the conversation on the next episode of Dark Reading Radio.