I skimmed through the 58 page spec document which was mostly filled with describing the vast levels of bureaucracy that they're putting place to manage this beast. I also did a simple word find on the word "security". I only found 3 instances of the word that weren't coupled with the word "homeland" as in the Department of. No instances of the word "authentication".
I know this is doc isn't intended to show the exact structure of the messages to be passed, but gee whiz, wouldn't you think they would address the topic of "how do we make sure that only members with access to the NIEM can retrieve/exchange this data."????
All I found was a quick reference to one of the committees that they're going to form - who has the responsibility of (paraphrasing) "helping member organizations handle data security".
That's kinda scary. Or does this thing just run on the super-duper-secret world-wide government inter-network? I mean, they never have any problems with data security on that thing. (see: Los Alamos Lab, Dept. of Veteran Affairs, etc.)