This scenario contains real places and organizations. The people and events are fictitious. The scenario was created to highlight certain specific technology challenges and capabilities for policy aware systems.
(Draft)
Act I: Mia Analysa is an intel analyst at the Massachusetts Fusion Center. She would like to ask the national homeland security community if they know anything about Robert B. Guy (“Bobby Bad Guy”) that could help in the state's investigation of an incendiary device that exploded during a protest. She prepares a short memo explaining these facts and requesting information. She plans to send it to several organizations.
a) ACTION: Mia tells the Fusion Center's policy aware system she wants to send her memo to Feddy Agenti, a DHS law enforcement officer.
FUNCTION: This allows us to demonstrate the features of the system - a user interface, the ability to pull the necessary information about the people, the data, and the relevant rules from decentralized locations, the reasoner, and the truth maintenance system for explaining the decision. Mia is using a Massachusetts system which has MA data, rules, and profiles. It will also allow us to demonstrate getting the correct result from many sub-rules.
REASONING: Must apply Mass. Gen. Laws. Ann., Ch.6 § 172 (rule for release of criminal offender records) and Ch.66A § 1 (definition for "criminal justice agency"); may also apply Ch.6 § 167 (definition for "criminal offender record information") and Ch.6 § 168 (definition of the "criminal history systems board"). In order to get the correct answer, the system will need to process the rule for releasing criminal offender information and figure out that: the intended recipient is a "criminal justice agency"; that the dissemination is necessary to the performance of the criminal justice duty of the recipient; that the board has certified the recipient agency; that the information falls within the scope of the access defined by the board; and that the Fusion Center must keep a record of having made the dissemination.
b) ACTION: Mia next tells the system she wants to send it to Maury Copp, a Baltimore Police Detective, at the Baltimore Fusion Center.
FUNCTION: This will allow us to demonstrate that the system/UI remembers her previous requested action and she needs only edit the recipient information.
REASONING: Same as above.
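The sub-rule evaluation described in Act I (a) can be sketched as follows. This is an added example, not the project's AIR rules: the agency names, the Board list contents, and the field names are constructed, and the statute is reduced to the conditions named in the REASONING above.

```python
# Added illustration: simplified model of the Act I(a) release check.
# All identifiers and sample data are constructed for this example.
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for the Board's list of certified agencies and the
# scope of access granted to each.
BOARD_LIST = {
    "DHS": {"criminal_offender_record"},
    "Baltimore Police": {"criminal_offender_record"},
}
CRIMINAL_JUSTICE_AGENCIES = {"DHS", "Baltimore Police"}

@dataclass
class Request:
    sender: str
    recipient_agency: str
    data_category: str
    # None means the sender has not yet asserted necessity.
    necessary_for_cj_duty: Optional[bool] = None

def check_release(req, board=BOARD_LIST, audit_log=None):
    """Evaluate every sub-rule and keep a reason for each finding."""
    agency = req.recipient_agency
    findings = [
        ("criminal_justice_agency", agency in CRIMINAL_JUSTICE_AGENCIES,
         "recipient matched against the agency definition"),
        ("necessary_to_duty", req.necessary_for_cj_duty,
         "sender assertion" if req.necessary_for_cj_duty is not None
         else "no assertion yet; ask the sender"),
        ("board_certified", agency in board, "lookup in Board list"),
        ("within_scope", req.data_category in board.get(agency, set()),
         "category compared with Board-defined scope"),
    ]
    results = [ok for _, ok, _ in findings]
    if False in results:
        verdict = "non-compliant"
    elif None in results:
        verdict = "needs-information"   # reasoner must ask before deciding
    else:
        verdict = "compliant"
    # The record-keeping duty applies once a dissemination is allowed.
    if verdict == "compliant" and audit_log is not None:
        audit_log.append((req.sender, agency, req.data_category))
    return verdict, findings
```

The `findings` list plays the role of the explanation shown to the user: each entry names the sub-rule, its result, and where the result came from.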
Act II: Feddy Agenti finds information about Bobby Bad Guy in a DHS intelligence system.
FUNCTION: Feddy is at a similar system, but one run by DHS (so it has the DHS data and rules in it).
REASONING: The system finds this request non-compliant with the Privacy Act (5 USC 552a(b)(7)), because that law would permit sharing with a state criminal law enforcement entity, but only if the head of the Massachusetts agency made a written request with certain specific statements. Mia's memo has appropriate metadata to indicate that the request is made as a designee of the head of the agency and entitled to be treated as a head of agency request, but does not name the requested record portions. The system also finds that another part of the Privacy Act requires it to reason over the rules in the System of Records Notice and that it doesn't have a link to one; this will produce a message that the rule is not identified to the system, so it couldn't make a judgment under this sub-rule.
b) Feddy shows the non-compliant result to the attorney in his office, Larry Lawyer, who recognizes that this is technically the right result but disagrees with how the rule is stated. ACTION: Larry sits down with Penny Programmer and makes a version of the rule which reflects DHS counsel opinion. (The library version of the rule says that the head of the agency must ask for the requested record portion by name; Larry's version says the head of the agency must ask for the portion by category or description.)
FUNCTION: The system permits him to edit the rule and make a new version which applies only to DHS. This demonstrates the policy editor user interface and function as well as the concept of overlaying a rule from the general rule library with an organization-specific interpretation.
REASONING: The request is compliant because Mia's memo has both the head of agency imprimatur and sufficient category description.
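The two behaviours Act II relies on, an organization-specific rule overlaying the library master and a called-for rule that cannot be found, are sketched below. This is an added example, not the project's AIR code: rule identifiers, field names, and the memo metadata are constructed.

```python
# Added illustration: rule-library overlay and missing-rule reporting.
# All identifiers and sample data are constructed for this example.

def library_b7(req):
    # Library reading: head of agency must ask for record portions by name.
    return req["head_of_agency_request"] and bool(req.get("named_portions"))

def dhs_b7(req):
    # DHS counsel reading: a category or description of the portion suffices.
    return req["head_of_agency_request"] and bool(
        req.get("named_portions") or req.get("portion_categories"))

LIBRARY = {"privacy-act-b7": library_b7}          # shared master rules
OVERLAYS = {"DHS": {"privacy-act-b7": dhs_b7}}    # organization-specific versions

def resolve(rule_id, org, overlays):
    """Prefer the organization's version; fall back to the library master."""
    rule = overlays.get(org, {}).get(rule_id)
    if rule is not None:
        return rule, f"{org} version"
    return LIBRARY.get(rule_id), "library version"

def evaluate(req, org, overlays=OVERLAYS,
             rule_ids=("privacy-act-b7", "system-of-records-notice")):
    passed, missing, trace = True, [], []
    for rule_id in rule_ids:
        rule, source = resolve(rule_id, org, overlays)
        if rule is None:
            # No judgment is made under a sub-rule the system cannot find.
            missing.append(rule_id)
            trace.append(f"{rule_id}: rule not identified to the system")
            continue
        ok = rule(req)
        passed = passed and ok
        state = "satisfied" if ok else "not satisfied"
        trace.append(f"{rule_id} ({source}): {state}")
    return ("compliant" if passed else "non-compliant"), missing, trace

# Constructed metadata for Mia's memo: sent as designee of the agency head,
# with a category description but no named record portions.
MIA_MEMO = {"head_of_agency_request": True, "named_portions": [],
            "portion_categories": ["criminal history"]}
```

Calling `evaluate(MIA_MEMO, "DHS", overlays={})` models the state before Larry's edit; with the default overlays the DHS version of the rule runs instead, and in both cases the missing rule is reported separately from the verdict.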
Act III: Maury Copp finds information about Bobby Bad Guy in a closed case file in the Maryland criminal case system; Bobby was convicted for making and exploding small incendiary devices inside automobiles outside three Army recruiting stations; he was convicted, given a five year sentence, served eighteen months, and remains on parole. The Maryland information contains details of Bobby's arrest, conviction, and the conditions of his release from prison. Maury wants to understand how Massachusetts rules will apply to the information if he sends it (e.g., will Maury get in trouble later because Massachusetts will release the information in a circumstance where Maryland would not).
a) ACTION: Maury asks the Maryland policy aware system whether he can give the Maryland criminal record information to the Florida Department of Law Enforcement (FDLE).
FUNCTION: The system will analyze the request under Md. Code, Com. Law, Ch. 12, Subtitle 15, Sections 01.03 & 01.11.
REASONING: The system will find that MD can give the record to FDLE.
b) ACTION: Maury asks the Maryland policy aware system whether Massachusetts can give the Maryland criminal record information to Florida's criminal law enforcement personnel.
FUNCTION: This will show how a user can override the system's assumptions. The system will assume that a user requesting to share data will want to run the rules that are associated with the data (e.g., the Maryland rules) and display that information in the user interface. The user will have the opportunity to override that assumption, choose Massachusetts rules from the rules library, and run them instead.
REASONING: This will demonstrate the system running the Massachusetts rule (Mass. Gen. Laws. Ann., Ch.6 § 172) over the Maryland data. It should result in two findings: (1) an analysis the same as in Act I (a) and (2) a finding based on that part of the statute which will give certain computerized information to anyone at all who asks, if the crime was punishable by 5 years or more and the person is currently on parole.
Task No. | Task | Assigned | Due Date | Completion Date |
1.0 | Scenario | |||
1.1 | First draft scenario | kkw | 8/30/09 | 8/30/09 |
1.1.2 | Show draft scenario to fusion center | kkw | 9/9/09 - to BRIC general scenario/ not detailed | |
1.2 | Research statutes to find appropriate challenges | kkw | 9/6/09 | 9/12/09 |
1.3 | Draft detailed scenario | kkw | 9/12/09 | 9/12/09; 10/2/09 (mod) |
2.0 | Statutes | |||
2.1 | Parse into intermediate form | |||
2.1.1 | Parse - Privacy Act | kkw edit govt version | 10/31/09 | 8/30/09 |
2.1.2 | Parse - MGL, Ch.6 § 172 | kkw | 10/31/09 | 9/12/09 |
2.1.3 | Parse - MGL, Ch.6 § 167 | kkw | n/a | n/a |
2.1.4 | Parse - MGL, Ch.6 § 168 | kkw | n/a | n/a |
2.1.5 | Parse - MGL, Ch.66A § 1 | kkw | 10/31/09 | [11/11/09] |
2.1.6 | Parse - MCCL, Ch. 12, Subtitle 15 § 01.03 | kkw | 12/31/09 | |
2.1.7 | Parse - MCCL, Ch. 12, Subtitle 15 § 01.11 | kkw | 12/31/09 | |
2.1.8 | Parse - Fla. Stat. Ann. § 119.011(4) | kkw | 12/31/09 | n/a |
2.2 | Code in AIR (policy & ontology file) | |||
2.2.1 | Code - Privacy Act | mjr | 8/30/09 | 8/21/09 |
2.2.1.1 | Change all calls to other rules (currently commented out) to air:justifies | PGR | 1/29/10 | |
2.2.1.2 | Figure out how to produce result as "compliant except rule xxxx not found" | PGR | 1/29/10 | |
2.2.1.3 | Build sample files, test for legal correctness & debug | PGR w/kkw | 2/28/10 | |
2.2.2 | Code - MGL, Ch.6 § 172 | pv | 10/2/09 | 10/6/09 |
2.2.2.1 | Correct @forALL (rewrite as appropriate with @forSOME) | pv | 12/31/09 | (new code) |
2.2.2.2 | Add in log:includes and match against Board approved list of criminal justice agencies | pv | 12/31/09 | |
2.2.2.3 | Build sample files, test for legal correctness & debug | PGR w/kkw | 2/28/10 | |
2.2.3 | Code - MGL, Ch.6 § 167 | pv | 11/30/09 | n/a |
2.2.4 | Code - MGL, Ch.6 § 168 | pv | 11/30/09 | n/a |
2.2.5 | Code - MGL, Ch.66A § 1 ("criminal justice agency" definition only) | pv | 11/30/09 | 11/12/09 |
2.2.5.1 | Return "criminal justice agency" pattern to 6-172 and create separate file for 66A-1 definition of same | pv | 12/31/09 | (partial) |
2.2.6 | Code - MCCL, Ch. 12, Subtitle 15 § 01.03 ("criminal justice agency" definition only) | wdc | 1/29/10 | 2/15/10 |
2.2.7 | Code - MCCL, Ch. 12, Subtitle 15 § 01.11 | sw | 1/29/10 | 2/16/10 |
2.2.7.1 | Build sample files, test for legal correctness & debug | sw | 2/28/10 | complete |
2.2.8 | Code - Fla. Stat. Ann. § 119.011(4) ("criminal justice agency" definition only) | PGR | n/a | n/a |
2.3 | Build log file generator for testing code (optional but very helpful) | |||
2.3.1 | Basic structure created | mjr | n/a | 7/30/09 |
2.3.2 | Extend to dynamically include all entities and values by class/category | optional | ||
2.4 | Edit all code to improve legal correctness | kkw | 4/30/10 | |
3.0 | Synthetic Data | |||
3.1 | Memo from Mia Analysa (MA analyst) | |||
3.1.1 | Draft memo | kkw | 10/30/09 | 10/7/09 |
3.1.2 | Draft information required in metadata | kkw | 10/30/09 | 11/11/09 |
3.1.3 | Produce rdf in attached XMP file | lk/os | 12/10/09 | 12/10/09 |
3.2 | MA Board file of approved criminal justice agencies & scope of access | |||
3.2.1 | Produce file data | kkw | 11/30/09 | 11/27/09 |
3.2.2 | Debug | PGR | 12/31/09 | |
3.3 | Feddy Agenti's (DHS) response to Mia | |||
3.3.1 | Draft response | kkw | 10/30/09 | 10/7/09 |
3.3.2 | Draft information required in metadata | kkw | 12/03/09 | 2/10/10 |
3.3.2 | Produce rdf in attached XMP file | kkw w/os | 1/31/10 | 2/17/10 |
3.4 | Maury Copp's (MD) response to Mia | |||
3.4.1 | Draft response | kkw | 10/30/09 | 10/7/09 |
3.4.2 | Draft information needed in metadata | kkw | 12/03/09 | 2/10/10 |
3.4.3 | Produce rdf in attached XMP file | kkw w/os | 1/31/10 | 2/17/10 |
3.5 | FOAF files for actors | |||
3.5.1 | Produce Mia FOAF | kkw | 11/30/09 | 11/3/09 |
3.5.2 | Produce Feddy FOAF | kkw | 11/30/09 | 11/3/09 |
3.5.2.1 | Debug Mia & Feddy FOAF | os & kkw | 11/30/09 | 11/11/09 |
3.5.3 | Produce Maury FOAF | kkw | 11/30/09 | 11/22/09 |
3.5.3.1 | Debug Maury FOAF | wdc | 12/31/10 | 2/17/10 |
3.5.4 | Produce FDLE FOAF | kkw | 2/17/10 | 2/28/10 |
4.0 | User Interfaces | |||
4.1 | "Ask a question" UI | |||
4.1 | "Ask a question" - first iteration | mjr | 9/30/09 | 8/21/09 |
4.1.1 | Add auto-complete function for data entry | mjr | 9/30/09 | 8/21/09 (1st) |
4.1.2 | Extend with 2.3.2 functionality (optional but very helpful - can provide validation) | optional | ||
4.1.2 | "Run" function | |||
4.1.2.1 | Builds a log file | mjr | 9/30/09 | 8/21/09 |
4.1.2.2 | Allows user to select logfile location | mjr | 9/30/09 | 8/21/09 |
4.1.2.3 | Runs logfile against Privacy Act | mjr | 9/30/09 | 8/21/09 |
4.1.2.4 | Lets user decide which policies to run against | ? | 1/29/10 | |
4.1.2.5 | Opens the Justification UI (with result) | mjr | 9/30/09 | 8/21/09 |
4.1.2.6 | Debug - can no longer run (after selecting logfile location) | ? | 1/29/10 | |
4.2 | Decentralized Information UI | |||
4.2.1 | Has structure: "Can [person1] send [data] to [person2]?" "Additional important facts: [context], [context]...." | rc | 12/16/09 | [12/10/09] still requires context |
4.2.1 | Auto-completes user profile (foaf file) name and fills in the URL for [person1] | rc | 12/16/09 | 1/30/10 |
4.2.2 | Allows user to browse and click on target data URL | rc | 12/16/09 | mod |
4.2.3 | Allows user to enter [person2] foaf URL | rc | 12/16/09 | 1/30/10 |
4.2.3.1 | Enhancement: entering [person2] email and having it linked to a foaf | os? | 1/29/10 | |
4.2.4 | Delivers to reasoner & correctly identifies/tags sender/recipient | rc | 12/16/09 | [12/10/09] |
4.2.4.0 | Translates URLs to short-form names (for justification, etc) | os | ||
4.2.4.1 | Draft underlying code | lk | 9/25/09 | 12/10/09 |
4.2.4.2 | Draft rule | lk | 11/25/09? | |
4.2.5 | Remembers last query and pre-populates form (user can make changes) | rc | 12/16/09 | n/a |
4.2.5.1 | Enhancement: remembers multiple prior query values | optional | n/a | |
4.2.6 | Offers drop-down or auto-complete for [context] | ? | 12/16/09 | |
4.2.6.1 | Fetches those variables from rules associated with data | ? | 12/16/09 | |
4.7 | Interaction Feature - asks for information reasoner still needs (needed for Act 1 & 2; see 5.1.1 & 5.1.2) | ? | 2/28/10 | |
4.8 | Permits user to override applicable rule set (needed for Act 3, b; see 5.1.4) | rc | 3/28/10 | |
4.3 | Rule Editor UI | |||
4.3.1 | Function to select rule to be edited | 6/30/10 | ||
4.3.1.1 | Select Rule by name or URL | 6/30/10 | ||
4.3.1.2 | Select Sub-Rule by name or URL (do our rules have sub-rule anchors?) | 6/30/10 | ||
4.3.2 | Viewer | |||
4.3.1 | Display rule or sub-rule selected | 6/30/10 | ||
4.3.2 | Display previous or next | 6/30/10 | ||
4.4 | Online edit function (webdav, sparql, or other) | 6/30/10 | ||
4.4.1 | If editor is changing a variable, use fetch and autocomplete to offer all known options | 6/30/10 | ||
4.4.2 | If editor is adding a new variable, create function to capture class/subclass/definition | 6/30/10 | ||
4.5 | Save as | |||
4.5.1 | 2 options - Replace master file or new organization-specific copy | 6/30/10 | ||
4.5.1.1 | Must save prior version (e.g., with extension /replaced_on_20090901) | 6/30/10 | ||
4.5.1.2 | Must capture metadata for new version (author, date, reason) | |||
4.4 | Justification UI | |||
4.4.1 | Modify as needed based upon all new UIs | os | increment | |
4.4.1.1 | Debug & fix - why not providing multiple explanations? | jh | ||
4.4.2 | Report rules not in system (e.g., called for by another rule but not found) | 4/15/10 | ||
5.0 | Reasoner enhancements / Other processing | |||
5.1 | Reasoner ability to seek additional information | |||
5.1.1 | Recognize rule requirement for user assertion (Act 1, a - needs to recognize that is should ask requestor for assertion that the information is necessary to recipient for a criminal justice purpose) | |||
5.1.2 | Recognize rule requirement for additional information available in data store (Act 1, a - requires reasoner to recognize that it needs to -- and then do -- find the MA Board list of certified agencies,, match that to the recipient and then match the scope of allowed access with the proposed sharing) | |||
5.1.3 | Recognize rule requirement to determine another rule (Act 2, a - requires reasoner to recognize that it needs a SORN associated with the system that the file is in, to figure out what that is, and to call and run it; in this case it needs to report out that it cannot find a rule of the type called for) | |||
5.1.4 | Recognize an "organization-specific" rule and let it run in place of (or allow it to rule in a conflict with) the library master (Act 2, b - requires the reasoner to use the DHS rule and treat as compliant a request for data categories rather than record element names) | |||
5.2 | Reasoner ability to call and run a rule as part of reasoning over a different rule (:justifies) | ij | 1/29/10 | |
5.3 | Improve rule space/answer space reduction | ? | optional | by-product |
5.4 | Rule DIFF (instead of Act 3 as currently written) | ? | optional | future |
5.5 | Natural language rule parsing | sw | optional | |
5.6 | Ontologic representation and visualization of rule/subrule linkages (exceptions/conditions/definitions) | sw | optional | |
5.7 | Rule validator (matching rule/interim/code) | ? | optional | future |
6.0 | 6 Transactions | |||
6.0.1 | Acquire and have TIG set up/maintain separate server for stable environment | kkw | 12/30/09 | |
6.1 | Create 4 directories/partitions/environments to model the four parties and their files | ? | 1/29/10 | |
6.2 | Run Act 1, a through MA system and debug | ? | 1/29/10 | |
6.3 | Run Act 1, b through MA system and debug | ? | 1/29/10 | |
6.4 | Run Act 2, a through DHS system and debug | ? | 2/28/10 | |
6.5 | Run Act 2, b through DHS system and debug | ? | 2/28/10 | |
6.6 | Run Act 3, a through MD system and debug | ? | 2/28/10 | |
6.7 | Run Act 3, b through MD system and debug | ? | 2/28/10 | |
6.0 | Reports & Deliverables | |||
6.1 | Brief report: policies issues discovered through parsing discussing intermediate form | kkw | 9/30/09 | 9/26/09; 10/x/09 (mod) |
6.2 | Grantor site visit | hal, timbl, lk, kkw | 10/23/09 | 10/23/09 |
6.3 | All policies in AIR/ ontologies in RDF | 1/29/09 | ||
6.4 | Brief report: issues coding policy in AIR | kkw | 12/30/09 & 1/29/10 | |
6.5 | Demo pulling Decentralized Information UI | lk & kkw | 12/30/09 | |
6.6 | [Grantor site visit to see demo] | |||
6.7 | Begin demo'ing to Fusion Center personnel for feedback | kkw & ? | 12/30/09 | |
6.8 | Create presentation for demos | kkw | 3/30/09 | |
6.9 | Demo all 6 transactions to 10 analysts/law enforcement | lk & kkw | 4/30/09 | |
6.10 | Final report - target user feedback | kkw | 5/20/09 | |
6.11 | Demos of all 6 transactions in DC | lk & kkw | 5/30/09 |
5 USC § 552a (Privacy Act) provides US (federal) law regarding requests for data that contains personally identifiable information
Mass. Gen. Laws. Ann., Ch.4 § 7 provides the MA definition for "public records" and specifically excludes law enforcement investigatory material
Mass. Gen. Laws. Ann., Ch.6 § 167 provides the definitions for "criminal offender record information" and "intelligence information" (law enforcement investigatory material)
Mass. Gen. Laws. Ann., Ch.6 § 168 provides the definition of the "criminal history systems board"
Mass. Gen. Laws. Ann., Ch.66A § 1 provides the MA definition for "criminal justice agency"
Mass. Gen. Laws. Ann., Ch.6 § 172 provides the rules for release of criminal offender record information to criminal justice agencies
Md. Code, Com. Law, Ch. 12, Subtitle 15 § 01.03 provides MD definitions for "criminal history record information" (CHRI) and "criminal justice agency"
Md. Code, Com. Law, Ch. 12, Subtitle 15 § 01.11 provides MD rules for disseminating CHRI to other state criminal justice agencies
Fla. Stat. Ann. § 119.011(4) provides FL definition for "criminal justice agency"
Note: "§" is the legal citation symbol for "Section"