Why SOE?

The increasing tempo of e-government and net-centric information sharing requires systems and services that are simple and reliable.

A service-oriented enterprise (SOE) uses Service-oriented architecture (SOA) principles to establish command and control over information resources at an enterprise level – including people and processes, not just technology. Transitioning to a SOE gives agencies a practical platform for modernizing their data, systems, and applications. It enables them to support seamless collaboration and information sharing – no matter how far or how fast their requirements evolve.

Why McDonald Bradley?

McDonald Bradley delivers service SOE solutions to civilian, defense, and intelligence agencies.

Our staff of SOE professionals developed the first operational SOA in DoD. They’ve written 12 books on SOE-related topics.

We actively participate in national standards bodies. We’ve won industry awards for managing large government programs.

As agencies transition to shared services environments, we use this expertise to:

• Support the entire process of planning, developing,
  and managing SOAs
• Facilitate migration from legacy systems
• Incorporate COTS and GOTS solutions
• Ensure productivity with training, help desk, and network support
• Manage large subcontractors to deliver end-to-end solutions

Agencies urgently know they need to change how they develop and use their information resources. McDonald Bradley helps them define and smooth that transformation by facilitating their transition toward a SOE.

SOA vs. SOE - What's the difference?

Service-oriented architecture (SOA) is an approach to system and application development that maximizes flexibility and reduces redundancy - by making commonly used functions dynamically available as shared, reusable services.

A service-oriented enterprise (SOE) is an organization that has embraced a SOA approach as its strategy for planning, developing, and managing information resources.

The difference is that SOA focuses on development while SOE incorporates SOA as a foundation for aligning business components and people as well as data, applications, systems, and infrastructure.

McDonald Bradley helps agencies transition toward SOE in order to:

• Seamless collaboration across agencies, organizations, and levels of government
• Secure information sharing without costly and rigid customization
• Lower operations and systems costs

McDonald Bradley SOE Services and Solutions:

Full lifecycle support for SOA design and development

• Assessment
• Planning
• Architecture
• Customer relationships
• Services design and development
• Operations and maintenance
• Change management

Legacy to SOA transition support

• Migration planning and implementation
• Maintenance, modification, and operation of legacy systems
• Development of network-based applications

COTS/GOTS integration

• Evaluation and selection
• Solutions integration
• Recognized success in HR/ finance applications

General system support

• Full services for legacy and SOA environments
• Help desk, network support, and training

McDonald Bradley’s knowledge and focus on SOE/SOA complements our other core competencies in Data Interoperability, Information Assurance, and Enterprise Management and Governance. We combine these competencies to help agencies mitigate the risks associated with IT investments.

Proven Performance:

DoD Horizontal Fusion

Challenge: Data was siloed across DoD by non-standard formats, security standards, and multiple networks.

Solution: McDonald Bradley implemented a new content discovery standard, federated search reference, data provider development kit, and compliance processes – as well as dynamic discovery, registration, and an update of data sources.

Results: Search users now have secure access to more than 30 data sources across DoD and the Department of State. Siloed systems were replaced by a SOE with a clear roadmap to SOA enablement and information sharing EO 13388 compliance.

Alien/DODIIS Data Layer

Challenge: The Defense Intelligence Agency (DIA) needed to enhance access and sharing of intelligence data among analysts, peer organizations, and end-user customers.

Solution: McDonald Bradley developed the All Source
Intelligence Environment (Alien) to give DIA a secure, standards-based SOA- enabled environment for intelligence analysis, information discovery, knowledge object management, and seamless data sharing.

Results: Alien provides menu-driven and keyword searches of secure data sources. Users can rapidly access pertinent resources by people, places, organizations, and events. Our SOE secure open architecture approach supports current and future integration of analysis tools and data sources.

Counterintelligence Field Activity (CIFA) Counterintelligence Collaboration, Analysis, and Coordination (CI-CAC)

Challenge: Data could only be accessed from one source at a time and could not be used within analysts’ preferred tools. These issues degraded performance and productivity, especially for new analysts.

Solution: McDonald Bradley incorporated existing DoD security and search solutions into a federated data query and delivery architecture. Deliverables included integrated analytical tools, an enterprise security model, and portal access.

Results: CIFA analysts now have seamless, secure access to six data sources and can analyze information using preferred tools. Siloed systems were replaced by loosely coupled services within a SOA.

» BACK TO TOP

DoD and Intelligence Community Support–Advanced Secure Data Sharing and Access–

DoDIIS and Intelligence Community Support–Advanced Secure Data Sharing and Access–

What is SOE?

A service-oriented
enterprise (SOE) is
an organization that
has embraced a SOA
approach as its
strategy for planning,
developing, and
managing information
resources.

Click below to download datasheets

SOE Datasheet

All-Source Intelligence Environment (ALIEN) Datasheet

Why Data Interoperability?

Siloed data is a critical problem for most organizations whose mission requires the sharing of knowledge across organizational boundaries.

Data interoperability (DI) comprises three interrelated capabilities:

• The ability to govern how information (especially documents and records) is stored, accessed, and used
• The ability to handle information securely, regardless of source and location
• The ability to use knowledge in the context of other related information

With these capabilities, agencies improve their efficiency as data can be found quickly. They can share information securely, enhancing collaboration. They can make sound decisions, trusting in the source and context of supporting information.

Why McDonald Bradley?

McDonald Bradley provides expertise and services that support all three DI capabilities. Our qualifications include:

Our Own Team of DI Professionals

• Recognized experts in fielding search
  and discovery tools.
• Experienced Implementers of document and record management systems in complex legacy environments with full security
• Co-authored the first Wikipedia entry on semantic web

Proven Past Performance

• Contributed data standards, ontologies, and a federated search solution to the Department of Defense (DoD)
• Architected the DoDIIS Data Layer
• Provided technical leadership to DoD Discovery Metadata Specification and Taxonomy Focus Groups
  

McDonald Bradley DI Services and Solutions:

Federated Search and Content Discovery

McDonald Bradley helps agencies find and share information across multiple systems. Unlike common search tools, our approach:

• Spans networks and proprietary systems
• Delivers targeted results, not "hits"
• Provides results from real data in real time, not from a pre-built index
• Remains available even when one or more component systems go offline
• Supports role- and policy-based security

Semantic Web Solutions

McDonald Bradley's approach helps users increase effectiveness of mission information through:

• Effective use of metadata
• Automated knowledge of data relationships
• Automated management of data synonyms

Users quickly find the data that is most relevant to their needs - then detect, explore, and analyze critical trends, patterns, and relationships contained within that data.

Knowledge Management Solutions

McDonald Bradley supports the exchange, storage, and use of interoperable data with:

• Schema and ontology modeling
• Database and taxonomy design
• Controlled vocabulary development
• Metadata management

We use these advanced methodologies to make data manageable for sharing and collaboration across an agency's enterprise and among multiple organizations.

Document and Records Management Solutions

McDonald Bradley designs management systems for all types of documents. We help agencies:

• Consolidate content currently stored in inaccessible formats and locations
• Provide better access with greater control
• Ensure a secure chain of custody for legal materials
• Reduce the cost of managing paper
• Establish records management

Proven Performance:

Scaling Enterprise Content Discovery

Challenge: In one DoD agency, queries were routed to every data provider on multiple systems. As content discovery scaled, excess traffic began to consume CPU cycles and bandwidth resources. As a result, performance was degraded.

Solution: McDonald Bradley implemented an intelligent router that sends queries only to relevant data providers.

Results: Excess traffic was eliminated and CPU cycles were conserved at each provider. Data and usage volumes now scale with little or no impact on performance.

Transparent Fused Access to Disparate Data Stores

Challenge: Another DoD agency stored its critical data in multiple systems, locations, and formats. Information was duplicated because the agency didn't know and couldn't determine what data it had or where it was.

Solution: McDonald Bradley developed and deployed a federated search and discovery solution.

Results: Now, the agency can find the data regardless of system location, and manage access according to its policies. Users can locate and use information - no matter where it resides - with a single portal and powerful search and discovery tools. New semantic web services help to filter data to what's important and to understand the information.

DoDIIS Intelligence Sharing for DIA

Challenge: DoD Intelligence Information Systems (DoDIIS) needed to enhance access and sharing of intelligence data among analysts, peer organizations, and end-user customers.

Solution: McDonald Bradley provided a semantically-enabled solution integrating a common vocabulary for horizontally integrated information sources and tools.

Results: The new system reconciles heterogeneous data semantics and provides tools so that end-users can transparently navigate, view, and manipulate data from multiple sources.

" This is great...you folks are doing the hard stuff." 

- Lewis Shepherd Special Executive Service, DIA

» BACK TO TOP

Why Information Assurance?

Information Assurance (IA) is the process and practice of maintaining trust in the integrity of information, even while making it fully accessible for appropriate, authorized use.

Keeping data secure in a networked and net-centric world presents difficult challenges when collaboration and sharing are critical to an agency's mission and operations.

It's a balance between access and security. Maintaining that balance with constant, critical adjustments as risks and requirements emerge is the complex substance of the IA mission.

Why McDonald Bradley?

McDonald Bradley provides expertise and capabilities that enable agencies to balance securing and using enterprise assets. Our IA qualifications include:

Our Own Team of IA Professionals

• Recognized experts in security for SOA enterprises
• Published authors of many books
• Frequent speakers at security conferences
• Hold all clearance levels

Former Government Executives on Staff

• Managed highly successful FISMA compliance programs
• Earned A+ ratings from Congress

Proven Past Performance

• Designed and implemented SOA security solutions for DoD
• Managed C&A for DoD SOA implementations
• Developed the NCES SOA Security Toolkit for multiple enterprises
• Designed a global PKI implementation for the U.S. Patent and Trademark Office
  

McDonald Bradley IA Services and Solutions:

Security Architecture, Development, and Integration

McDonald Bradley designs and develops security services within both service-oriented enterprise (SOE) and legacy environments.

The approach to these environments is very different. Where security in a legacy environment is typically provided on a system-by-system basis, SOE security requires a well-considered, standards-based strategy.

We have extensive experience and domain expertise in designing security frameworks for data, applications, and systems combined as shared services.

Identification and Authorization

McDonald Bradley helps agencies translate their access policies into real-world enforcement by proactively managing identification and authorization.

We deliver identification methods, including passwords, PINs, certificates, tokens, and biometrics. We also support a range of authorization criteria, including sharing policies.

Our solutions give agencies very granular control over access and use - so they can choose what they will "dare to share" strictly according to what users "need to know."

Security Infrastructure Integration

McDonald Bradley manages the entire lifecycle of selecting, implementing, and operating security technology.

We help agencies meet new requirements and counter new threats by assessing risks, prioritizing vulnerabilities, planning improvements, testing solutions, deploying upgrades, and managing systems and networks.

We provide a full range of support - from installing individual security devices to designing secure operation centers.

Certification and Accreditation (C&A)

McDonald Bradley helps agencies navigate the complex and time-consuming process of complying with the Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST), DoD, and intelligence community C&A requirements.

We provide proven methodologies and tools that streamline and accelerate procedures for evaluation, risk identification, definition of mitigation strategies, and authorization.

We recommend and implement the elements required for certification, so that officials can sign off with confidence.

Proven Performance:

FISMA Compliance for Multiple Agencies

Challenge: Implementing FISMA guidelines requires agencies to follow NIST guidelines and to report the state of their security to OMB. OMB is required to consider the effectiveness of agencies' security programs in the allocation of their IT budgets. Thus, the documentation of effective security must be a critical priority for every agency - to protect both enterprise assets and program funding.

Solution: McDonald Bradley provides services that support the entire FISMA compliance process - from the evaluation of systems to the development of mitigation strategies and the remediation of elements for Final Authorization to Operate (FATO).

Results:

• Library of Congress - McDonald Bradley created new information security policies, developed system hardening guides, conducted C&A for key systems, and developed and deployed a security operations center.
• Department of Justice - McDonald Bradley supports security program planning for a 80,000-seat office automation system.
• Bureau of Industry and Security (BIS) - McDonald Bradley developed a bureau-wide IT security program and conducted C&A for all BIS IT systems.

SOA Security for DoD Challenge

Challenge: DoD needed to integrate security into the service-oriented architectures of its Net- Centric Enterprise Services (NCES) and Horizontal Fusion programs.

Solution: McDonald Bradley implements security architectures and processes based on such standards as SAML, XML Signature, and WS-Security. These solutions enable a fully trusted single sign-on across all SOA applications and web services.

Results:

Defense Intelligence Agency (DIA) and Defense Information Systems Agency (DISA) - McDonald Bradley designed, developed, and deployed award-winning SOA handlers that secure web clients and services with citizenship-, policy-, clearance-, and role-based access controls rated at Discretionary Access Control (DAC )+. NCES and Horizontal Fusion users can now access applications and services (according to their level of authorization) with a single sign-on.

» BACK TO TOP

Why EMG?

EMG provides a framework of policies and procedures for making strategic decisions about IT investments and management. It supports the alignment of plans, business processes, and systems - both within organizations and across functional boundaries.

McDonald Bradley EMG Services and Solutions:

Strategic Planning

IT strategic and supporting implementation plans drive the selection, deployment, and evaluation of IT investments. They ensure compliance with the Clinger- Cohen Act, the Paperwork Reduction Act, and the Government Performance Act. The Office of Management and Budget (OMB) requires IT strategic plans and business cases as a part of the budget submission process each year. McDonald Bradley helps agencies create and update IT strategic plans that incorporate strategic initiatives, critical milestones, and resource requirements. We also assist in baselining current performance and determining how agencies can best leverage technology to meet their requirements.

Enterprise Architecture (EA)

EAs provide a structured model of an organization's operations, business processes, data, applications, services, and infrastructure for use in disciplined planning. The Clinger-Cohen Act requires EAs while both the Government Accountability Office (GAO) and OMB advocate their use. OMB has integrated EAs into its IT investment and budgeting processes. Our EA experts help agencies develop, deploy, mature, govern, and leverage service-oriented architectures (SOAs) in their IT management processes. Our experience includes both "as is" and "to be" architectures, as well as migration strategies and transition plans.

IT Investment Management (ITIM)

Mature ITIM is critical to aligning IT with an agency's strategic objectives, especially when its budget is tight. The Clinger - Cohen Act requires ITIM, GAO has guidelines for maturing ITIM, and OMB provides ITIM guidance in Circular A-130. McDonald Bradley's mature ITIM processes ensure that investments deliver on time, within budget, and according to all requirements. We enable agencies to develop and mature their ITIM practices so that they can understand and mitigate risk, purposefully manage their IT portfolio, comply with all regulations, craft effective OMB Exhibit 300s, and track all lifecycle documentation.

Program and Project Management

The roles and responsibilities of Federal IT program and project managers (PMs) are critical to ensuring that information systems are planned and deployed effectively. OMB provides guidance and defines certifications for PMs in Circular A-11 and in OMB policy memo M-04-19. McDonald Bradley's Project Management Institute (PMI)-certified Project Management Professionals (PMPs) support Federal IT program managers both at the enterprise and project levels. From an enterprise perspective, we are experts in applying PMI guidance to help agencies develop and integrate consistent and effective PM processes, procedures, controls, tools, people, and training.

Asset Management

An accurate baseline of your IT assets provides a solid foundation for investments, change management, and IT security. It also prevents costly and embarrassing problems with software licenses, compliance issues, lost equipment, and poorly managed applications. We use automated tools to manage enterprise assets in real time, inventory network-attached items; assess software policy compliance; plan and deploy tracking and reporting systems; define baselines, identify savings opportunities, establish compliance with standards; document dependencies and develop change management controls; and empower IT decision making with awareness and accurate information.

Independent Verification and Validation (IV&V)

IV&V incorporates both program management and system engineering functions to assess project performance, improve mission success, and control costs. OMB mandates IV&V for some projects. It requires agencies to assess their IT investments using OMB Exhibit 300. Using our Quality through Verification and Validation (QV2™) methodology and toolset, we capture objective data and perform independent assessments of program quality, performance, security, and compliance. We have extensive experience in using QV2 to document and evaluate software development projects, EAs, ITIM processes, project management office (PMO) efforts, service level agreement (SLA) performance, and license audit validation.

Proven Performance:

Department of Education

Challenge: The Department of Education needed strategic planning, program management, and governance support within Federal Student Aid (FSA) to ensure the success of IT investments.

Solution: McDonald Bradley provided comprehensive program management capabilities. These included initiating and managing an FSA-wide project management office (PMO) responsible for establishing centralized cost and schedule controls for all projects, tracking status, and providing regular reports to stakeholders. We also assessed the FSA enterprise, identified gaps, defined issues, and established security architectures.

Results: The PMO now manages and governs FSA's IT investments with complete management visibility and real-time data for all programs and projects.

Drug Enforcement Administration (DEA)

Challenge: The Drug Enforcement Administration (DEA) required an asset management solution that would enable it to enhance response to system outages, plan upgrades more efficiently, and understand future investment needs.

Solution: McDonald Bradley developed a plan to use an automated system based on integrated COTS products that would manage DEA's IT infrastructure assets.

Results: The DEA has been able to signifi- cantly reduce its costs for remote support.

United States Patent and Trademark Office (USPTO)

Challenge: The United States Patent and Trademark Office (USPTO), Office of Customer Information Services (CIS) required several organizational assessments to ensure mission success and to develop division-level business plans that would integrate with its overall strategic plan.

Solution: McDonald Bradley completed assessments and developed business plans for all three CIS divisions. In the plans, we identified initiatives for increasing electronic processing, leveraged delivery of services via the Internet, and streamlined business operations. McDonald Bradley also updated the CIS business plans to incorporate initiatives identified during the assessments.

Results: The USPTO used information from the assessment documents and business plans to formulate its budgets. Metrics included in the business plans were used to track and review the effectiveness of the initiatives as they were developed and implemented.

» BACK TO TOP