Government Policy APIs

Transcript

1. Policy API Approach Using web APIs to easily and consistently

   enforce complex government laws, policies, and regulations. { } 540.consulting John O’Brien - June 10, 2013 1

2. { } 540.consulting http://www.netage.com/economics/index-govcharts.html The top down Government hierarchy. John

   O’Brien - June 10, 2013 2

3. { } 540.consulting So many Laws, Regs, & Policies... ...

   govern US Federal Government business processes and are enforced from the top down. John O’Brien - June 10, 2013 3

4. { } 540.consulting The policies are designed for people to

   read. (ok that may be debatable if I said easily read) John O’Brien - June 10, 2013 4

5. { } 540.consulting But impossible for machines to read interpret

   enforce John O’Brien - June 10, 2013 5

6. { } 540.consulting Yet business systems are continually called upon

   to manage and enable business operations while enforcing policies via system controls John O’Brien - June 10, 2013 6

7. { } 540.consulting So system owners at the agency level

   have to continually... Look for new and updated policies being published Interpret new and updated policies and determine impact Re-configure and re- factor business systems to enforce John O’Brien - June 10, 2013 7

8. { } 540.consulting And policy owners at the top are

   continually... Monitoring output of business systems Measuring and ensuring compliance Enforcing policies John O’Brien - June 10, 2013 8

9. Can a single set of APIs help both parties? In

   many cases - YES. { } 540.consulting John O’Brien - June 10, 2013 9

10. Policy APIs Government managed libraries of policies correlated with machine

    readable and executable rules that can be read and/or invoked by agency business systems via a set of APIs to control processes. { } 540.consulting { } 540.consulting Built, managed, and maintained by the policy makers Consumed by / integrated into agency business systems John O’Brien - June 10, 2013 10

11. Government Employees Policy API Admin Business Systems Policy API Endpoints

    GET /policy POST /input GET /results Government employees manage library of regulations and rules in a self service dashboard API endpoints are built to expose reg / rules execute rules allow integration Business systems consume and integrate with APIs to consistently control policy governed business processes { } 540.consulting John O’Brien - June 10, 2013 11

12. Government Employees Policy API Admin API endpoints that meet the

    intent of different types of Business System integration needs. Systems (apps) that just want to invoke policy rules and get back answers all thru API calls Systems (apps) that want to invoke policy rules and provide interactive experience with policy API Policy API Endpoints { } 540.consulting APIs should be designed and shipped for different integration needs. 1 Systems (apps) that just want access to library of policies and rules 2 3 John O’Brien - June 10, 2013 12

13. Systems that want to invoke policy rules and provide interactive

    experience with policy API 1 { } 540.consulting Policy API Admin Policy API Endpoints Example Policy UI POST /input redirect user to address any policy specific input not available or provided via integration (allows for flexibility when policy inputs change) GET /results John O’Brien - June 10, 2013 13

14. Systems that just want to invoke policy rules and get

    back answers all thru API calls 2 { } 540.consulting Policy API Admin Policy API Endpoints Example POST /input GET /results does require business system to send in the right input to get back right output John O’Brien - June 10, 2013 14

15. Systems (apps) that just want access to library of policies

    and rules 3 { } 540.consulting Policy API Admin Policy API Endpoints Example GET /policy John O’Brien - June 10, 2013 15

16. Systems (apps) that just want access to library of policies

    and rules 3 { } 540.consulting Policy API Admin Policy API Endpoints Example Enterprise Business Systems that have their own rules library and engine to govern a specific business process. They would download and ingest the rules. GET /policy GET /rule John O’Brien - June 10, 2013 Yes, this may require mapping and predefined rules structure. 16

17. An recent example that aligns with some various parts of

    this approach Clause Logic Service published by DPAP { } 540.consulting http://www.acq.osd.mil/dpap/pdi/eb/clause_logic_service.html Provides the “hundreds” of contract writing systems across the DoD a single API to get the right clauses (terms and conditions) based upon the type of contract. John O’Brien - June 10, 2013 17

18. { } 540.consulting Easily managed by government thru Admin interface.

    Library of regulations and clauses available thru simple API requests. Integrates in an interactive mode only at this time (user is redirected to Policy UI like in example 2) John O’Brien - June 10, 2013 18

19. { } 540.consulting John O’Brien - June 10, 2013 19

20. { } 540.consulting Questions? John O’Brien - June 10, 2013

    20