Australian Government Architecture Reference Models Version 3.0

More documents

Recommendations

Info

198 7.6 Security and Privacy Security and privacy considerations apply to all three of the DRM’s standardisation areas. Security defines the methods of protecting information and information systems from unauthorised access, use, disclosure, disruption, modification or destruction in order to provide integrity, confidentiality and availability, whether in storage or in transit. Privacy addresses the acceptable collection, storage, use and disclosure of information, and its accuracy. The DRM allows for the integration of existing Australian Government information security and privacy policies within each of its standardisation areas. The table below describes several sets of security policies and legislation that are applicable to the DRM. Policy/Legislation Description Australian Government Information Security Manual (ISM, formerly ACSI 33) Privacy Act 1988 (Commonwealth) Australian Government Architecture Reference Models Version 3.0 Developed by the Defence Signals Directorate (DSD) to provide policies and guidance to Australian Government agencies on how to protect their ICT systems. Commonwealth and ACT government agencies must comply with 11 Information Privacy Principles which are set out at section 14 of the Privacy Act 1988 (Cth). These are based on the 1980 OECD guidelines governing the protection of privacy and transborder flows of personal data. Archives Act Commonwealth agencies must comply with National Archives Act Protective Security Policy Framework (PSPF) Commonwealth agencies must comply with the PSPF. An institutional process that includes roles and responsibilities for data stewardship for each project or program in the agency needs to be defined as part of a policy that governs data quality, security and privacy. There are a number of areas that should be addressed in building such a policy. These include: � constructing a policy that is compliant with legislation and standards � addressing sensitivity of information that eliminates possible compromise of sources and methods of information collection and analysis � establishing the practices of data stewardship � addressing specific data access policies defined by the responsible steward, for example: o data is available for open, unrestricted access o data is accessible only to a defined group of persons or organisations o data access is dependent on the identity of the accessing person, data about that person (e.g. current position) and data about the environment (e.g. physical location) o data is self-protecting through digital rights management 21 or similar technologies. The successful categorising, describing and sharing of data are dependent on the implementation of security regarding the data being exchanged. Security and privacy requirements must be considered at each level of the DRM and, in particular, regarding the sharing of data. The DRM is designed to allow for the integration of existing Australian Government information security policies and privacy legislation within each of its standardisation areas. 21 Digital Rights Management is also abbreviated DRM. Hence, the reader should be aware of context when this abbreviation is encountered.
7.7 Data Context Standardisation Area This section describes the Data Context standardisation area of the DRM. The purpose of the Data Context standardisation area is to enable identification and discovery of data and to provide linkages to the other AGA reference models. The content of the Data Context captured by each COI is determined by its needs and the need to support the related LoB. Data Context is the basis for data governance. Understanding Data Context provides the means for informed government decision-making with regard to its information holdings. This section also describes the overall structures, methods and benefits for providing data with context and gives practical examples on their use. The Data Context section is organised as follows: Contents Introduction Guidance Data Context Section of the DRM Abstract Model Data Context Attributes Data Context Example 7.7.1 Introduction 7.7.1.1 What is Data Context and Why is it Important? provides introductory information regarding the Data Context standardisation area, explaining why there is a Data Context section of the DRM abstract model and what can be done because of it. provides a description of how to start the process of creating Data Context artefacts and the goals of the process. presents and describes the Data Context section of the DRM abstract model. Documenting Data Context in compliance with this section of the DRM abstract model provides a common mechanism for communication within the COI and among COIs. expands on the concepts presented above to include attributes that are associated with each concept in the Data Context section of the DRM abstract model. provides a usage example to further explain the Data Context standardisation area. Data Context is any information that provides additional meaning to data to relate it to the purposes for which it was created and used. It is the information that makes it possible to provide a Context Awareness Service to support a COI or collaboration among COIs. Within a Context Awareness Service, one identifies the existence of a Data Asset and enables a user to discover whether it is potentially relevant to a given information need. The service makes Data Context artefacts, developed in accordance with the Data Context section of the DRM abstract model, available for use. These artefacts are chosen by the COI to reflect government-related business needs and contain adequate information to support government related decision-making. Typical examples of Data Context for a given Data Asset may include a Topic identifying a subject area, a data stewardship assignment, sources of record, etc. At a minimum, the Data Context for a given Data Asset should answer the following questions: � What are the data (subject areas/topics and entities of interest) contained within the Data Asset? � What organisation is responsible for maintaining the Data Asset? � What is the linkage to the AGA BRM? � What services are available to access the Data Asset? (See: Data Sharing) Australian Government Architecture Reference Models Version 3.0 199
Page 3 and 4:
Copyright Notice This work is copyr
Page 5 and 6:
This page is intentionally blank Au
Page 7 and 8:
6 Service Reference Model .........
Page 9 and 10:
Figure 4-26: Tasks measurement bran
Page 11 and 12:
Page 13 and 14:
1.1 Audience This document is targe
Page 15 and 16:
systems and process frameworks, suc
Page 17 and 18:
At an agency level, these business
Page 19 and 20:
� bridging data architectures. Th
Page 21 and 22:
Page 23 and 24:
LAYER DESCRIPTION Service Describes
Page 25 and 26:
3.4 Metamodel elements by layer 3.4
Page 27 and 28:
Attributes Type Description Code St
Page 29 and 30:
3.4.3 Service layer The Service lay
Page 31 and 32:
Entity Name Service Entity Descript
Page 33 and 34:
Entity Name TRM Service Area Entity
Page 35 and 36:
Page 37 and 38:
Figure 4-1: The PRM Classification
Page 39 and 40:
Figure 4-2: Linking the PRM to the
Page 41 and 42:
Figure 4-5: Combining the TRM and t
Page 43 and 44:
4.1.4.2 The Outcome Process Model F
Page 45 and 46:
The PRM is structured in a way that
Page 47 and 48:
4.1.4.5 Other References Australian
Page 49 and 50:
The PRM is able to: � support pla
Page 51 and 52:
4.1.5.3 Indirect Benefits The indir
Page 53 and 54:
Level 4 Measurement groupings Level
Page 55 and 56:
4.3.1 Program outcomes The followin
Page 57 and 58:
Subtype Measures of effects that in
Page 59 and 60:
Measurement Area Measures of effect
Page 61 and 62:
4.4.1 Product consumption 2101 Time
Page 63 and 64:
4.4.2 Service delivery 2201 Availab
Page 65 and 66:
Measurement Area Rationale Defined
Page 67 and 68:
3 OUTPUTS 31 Products 32 Services 3
Page 69 and 70:
Page 71 and 72:
4.6 Work domain ‘Work’ is the g
Page 73 and 74:
Page 75 and 76:
4.6.2 Ad hoc tasks 4201 Task effici
Page 77 and 78:
Understanding the performance relat
Page 79 and 80:
[4305] Process Reliability [4306] P
Page 81 and 82:
4.7 Inputs domain It could be argue
Page 83 and 84:
Page 85 and 86:
4.7.2 Data and information In the i
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
4.7.5 Money 55 Money 5501 Costs (mo
Page 97 and 98:
First order Second order Higher ord
Page 99 and 100:
Measurement Indicator Rationale Cur
Page 101 and 102:
4.9.2 Example 2: OPM used in operat
Page 103 and 104:
Page 105 and 106:
BRM Business Area 1 Contains lines
Page 107 and 108:
[109] Employment [10901] Human Reso
Page 109 and 110:
5.3 Services for Citizens Business
Page 111 and 112:
Business Sub Function Defines the s
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
5.3.9 [109] Employment A Employment
Page 123 and 124:
Page 125 and 126:
5.3.12 [1012] Immigration A Immigra
Page 127 and 128:
5.3.14 [1014] International Relatio
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
5.3.17 [1017] Natural Resources A N
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
5.3.24 [1024] Trade A Trade involve
Page 143 and 144:
Page 145 and 146:
5.4.1 [201] Credit and Insurance F
Page 147 and 148:
Page 149 and 150: 5.5 Services Support Business Area
Page 151 and 152: Business Sub Function Defines the s
Page 155 and 156: 5.6.1 [401] Administrative Manageme
Page 163 and 164: Example 1: Financial Assistance to
Page 165 and 166: 6 Service Reference Model 6.1 Intro
Page 167 and 168: 6.3 Customer Services Domain The Cu
Page 169 and 170: 6.3.2 [1002] Customer Preferences C
Page 171 and 172: 6.4.2 [1102] Routing and Scheduling
Page 173 and 174: 6.5.1 [1201] Management of Process
Page 175 and 176: 6.5.4 [1204] Supply Chain Managemen
Page 177 and 178: 6.6.2 [1302] Document Management Ca
Page 179 and 180: 6.7 Business Analytical Services Do
Page 181 and 182: 6.7.3 [1403] Knowledge Discovery Ca
Page 183 and 184: 6.8.1 [1501] Data Management Capabi
Page 185 and 186: 6.8.4 [1504] Assets/Materials Manag
Page 187 and 188: 6.9 Support Services Domain The Sup
Page 189 and 190: 6.9.2 [1602] Collaboration Capabili
Page 191 and 192: 6.9.6 [1606] Forms Management Capab
Page 193 and 194: 7 Data Reference Model 7.1 Introduc
Page 195 and 196: 7.4 DRM Implementation Framework Th
Page 197 and 198: Standardisation Area Description Da
Page 199: The DRM abstract model is an archit
Page 203 and 204: 7.7.2 Guidance 7.7.2.1 The COI, its
Page 205 and 206: � Though cardinality is not expre
Page 207 and 208: Term Definition Other AGA Reference
Page 209 and 210: Figure 7-8: US DOI DRM Classificati
Page 211 and 212: section, as well as through the cat
Page 213 and 214: The following are definitions for e
Page 215 and 216: Term Definition Document (human rea
Page 217 and 218: Concept Attribute Description Examp
Page 221 and 222: Figure 7-13: US FEA BRM Logical Dat
Page 223 and 224: While it may have been physical evi
Page 225 and 226: Based upon this analysis, the archi
Page 227 and 228: architect should plan to provide th
Page 229 and 230: Term Definition Exchange Package An
Page 231 and 232: 7.9 DRM Abstract Model This section
Page 233 and 234: The table below summarises each of
Page 235 and 236: Term Definition Digital Data Resour
Page 241 and 242: The following are definitions for e
Page 243 and 244: The table below provides attributes
Page 245 and 246: Supplier A Supplier is an entity (p
Page 247 and 248: This page is intentionally blank Au
Page 249 and 250: 8.2 Structure Organised in a hierar
Page 251 and 252:
8.3.1 [3001] Access Channels Access
Page 253 and 254:
8.3.2 [3002] Delivery Channels Deli
Page 255 and 256:
Service Standards Defined by Exampl
Page 257 and 258:
Service Standards Defined by Exampl
Page 259 and 260:
8.4 Service Platform and Infrastruc
Page 261 and 262:
8.4.2 [3102] Delivery Servers Deliv
Page 263 and 264:
Service Standards Defines Examples
Page 265 and 266:
8.4.5 [3105] Hardware/Infrastructur
Page 267 and 268:
Page 269 and 270:
8.5 Component Framework Service Are
Page 271 and 272:
Page 273 and 274:
8.5.3 [3203] Business Logic Busines
Page 275 and 276:
8.5.5 [3205] Data Management Data m
Page 277 and 278:
8.6 Service Interface and Integrati
Page 279 and 280:
Page 281 and 282:
8.6.3 [3303] Interface Interface de
Page 283 and 284:
Term Definition Australian Governme
Page 285 and 286:
Term Definition Business Service [t
Page 287 and 288:
Term Definition Context [top] As re
Page 289 and 290:
Term Definition Data Element Regist
Page 291 and 292:
Term Definition Digital Rights Mana
Page 293 and 294:
Term Definition Exchange Package [t
Page 295 and 296:
Term Definition Management Context
Page 297 and 298:
Term Definition Preferred Term [top
Page 299 and 300:
Term Definition Semantic Web [top]
Page 301 and 302:
Term Definition Technical Reference
Page 303 and 304:
Term Definition eXtensible Markup L
show all

Australian Government Architecture Reference Models Version 3.0

Create successful ePaper yourself

Delete template?

Save as template?