RSS - Regulations, Statutes and Standards TMC

Comprehensive Homeland Security Communications Networks Proposed

January 29, 2008

A not so sparse amount of white papers crosses my desk each day.

Most are thinly (if that) disguised marketing pitches for products or services that seek to provide solutions for problems that may or may not be exaggerated. That's why I blog about very few of these resources.

Yet there is at least one obstacle all levels of government have to face. That would be bad acts, and the response to it. Bad acts by nature, or by what I term, "humanunkind."

Two words:

Katrina. 9/11.

But I will tell you what. I've just been sent a white paper from a company called Swan Island Networks.

Based in Portland, Oregon (as am I) Swan Island Networks is a developer and manager of technology solutions to help governmental entities, first responders, and security forces both public and private communicate more efficiently when it hits the fan and lives are on the line.

BTW these guys aren't code jocks riding on a wing and a prayer. Since April, 2007, they have been a partner in the Secure Information Sharing Architecture— SISA—in conjunction with Cisco, EMC, Microsoft, Liquid Machines, and Titus Labs.

But actually, they do have experience riding on "a wing." That'd be board member Gen. Merrill "Tony McPeak, who was U.S. Air Force Chief of Staff from October 1990 up until October 1994.

Swan Island Networks, incidentally, derives their name from Swan Island, an industrial area of Portland that witnessed substantial ship construction for fighting World War II. And many would say we are in a war now.

The paper I will bring you after the jump is entitled Next-Generation Homeland Security Networks. It is written by Swan Island Networks CEO Charles Jennings, as well as veteran Swan Island executive Pete O'Dell, whose base near Washington, D.C. enables him to obtain the ear of government agencies hungry for solutions to the problems I have described.

Follow along as I present this white paper. I promise you will learn a lot.

 


What if American response to terrorist and disaster risk can best be coordinated by leveraging ready elements of the public computing infrastructure—as our enemies do today?

What if the future of information sharing for homeland security lies more in the emergence of many bottom-up, connected systems than in the design and implementation of a single, Swiss-army-knife application?

What if what’s needed to take advantage of America’s clear information technology leadership is not so much innovation, but standardization and consolidation?

This paper addresses these possibilities…and presents a suggestion for the next stage of development for the Homeland Security Information Sharing Network (HSIN). 

Background

For the past five years, the authors have worked in the field of public/private information sharing.  They have participated in homeland security exercises and military R&D programs, and supported various state/local/NGO online public safety communities.  They have also worked with Fortune 500 companies to design, build and operate systems for consolidated Operational Risk Management (ORM). 

The opinions in this paper were shaped by this experience—and by the perspectives of public and private sector security pros who work daily to protect people, property and information.

In the Trenches…Remarkable Agreement

At first, sharing all-hazards response information across an entire FSLTIPP  environment can seem to be a daunting, if not impossible, task.  Conflicting IT platforms, identity management systems, and access control policies; divergent cultures and missions; unresolved jurisdictional issues; varied requirements for coalition sharing; existing laws and regulations…all these can easily slow information sharing progress, if not stop it altogether.

Without diminishing these obstacles, it is possible, the authors believe, to work around many of them.   The three keys to this approach are:

  1. Deploy a bottom-up, services-oriented architecture, designed to connect many different systems and information sources;
  2. Recruit early adopters, using an opt-in rather than an opt-out participation model;
  3. Deliver the right information, and just the right information.

These three precepts have been derived directly from what security and intelligence pros have been telling the authors for years.  Here’s what these pros don’t want:

  • Yet another standalone application—unless it can help them consolidate the twelve unconnected security apps already on their desktop.
  • A top-down mandate—they want to proceed at their own pace, and with their own focus.
  • An inert set of tools—it’s the content, stupid! is a familiar cry in the field.
  •  And yet…neither do they want to drink from a data firehouse.  Deliver needles, not a haystack is another familiar saying in the field.

What security and intelligence pros do want has much more to do with smart decision-making than with technology.  Their needs from an all-hazards information sharing system are simple, and remarkably consistent:

  • They want to up-to-the-minute reports on critical late-breaking events, with the ability to drill down into related background information when necessary.
  • They want information from as many sources as possible—ranging from proprietary internal data, to open source Internet feeds, to high-trust, small-group collaboration links with peers outside their organization.
  • They want this information intelligently targeted to them, and easily filtered by them.
  • They want the system to operate with a high level of trust and assurance.
  • They want the system to be easy, reliable, highly distributed, highly connected, policy-controlled and (in many cases) inexpensive.

What’s needed in the field begins to look like something very close to Internet social networking.  Fast, dynamic, flexible.  Highly interconnected.  Designed and enabled to share.

Yet there’s a big difference.  While they need to leverage open, public networks, homeland security information sharing systems cannot be truly open and public.  For effective information sharing to flourish, they must move beyond necessary elements of IT security, toward new kinds of online trust. 

This first principle of an online trust model for information sharing is:  focus on letting only “known good guys” in, rather than on just keeping “unknown bad guys” out.  The Known Good Guy (KGG) model works best when relatively small, pre-socialized “circles of trust” are used as the root of system for membership and community authorization.  These groups can then interconnect, and share among themselves—without having to manage, or trust, a huge member base.

From this perspective, a next-generation homeland security information system becomes a “community of trusted communities,” all leveraging the same resources, but accessing them in different ways, according to different rules. 

This kind of bottom-up, circle-of-trust membership credentialing can create a high-trust/high-assurance environment that inspires member confidence—and increases information sharing.  This is especially true when the supported online community is dedicated to a particular mission-critical operation, or a particular area of domain expertise. 

With trust and confidence in the community, and with a standards-based approach architecturally, new forms of information sharing and cross-organizational “mash ups” can sprout and grow.  

Tactical Considerations

While the authors believe that the above circles-of-trust construct can work for a variety of homeland security, public health and safety and national defense applications, its utility as a basis for a next-generation HSIN will require that certain additional tactical considerations be addressed.  Chief among these are:

  • Speed:  Next-generation homeland security information systems must deliver information about breaking events within seconds of their occurrence.  Automatic, rule-based dissemination of information provided by myriad real-time sources can help.  So can the deployment of platform-agnostic services linked to both stationary and mobile devices.
  • Interoperability:  Information sharing systems must interoperate—no one system should be the presumptive “master” that dictates policy and local technology choices.  And, the day will come when sharing terrorist information with allied and friends will become an imperative.
  • Transaction-based:  Shared information must be structured in consistent formats, so that it can be disseminated, augmented, analyzed, and fused with internal systems.
  • NIEM standards:  DHS and DOJ have done very good work on the National Information Exchange Model (NIEM).  This data model, much more than any set of technologies or applications, has potential to revolutionize information sharing between systems of all types.  For example, anyone adhering to NIEM’s Common Alerting Protocol (CAP) can send and receive full alerts from another source, and immediately incorporate them into their systems.  A real-world example of how standardization can build interoperability and efficiency is NATO’s 7.62 ammunition standard:   It doesn’t matter which NATO country makes the rifles—all can exchange ammunition in a predictable fashion.  NIEM offers the same opportunity for “information bullets.”
  • Ability to integrate state, local, and private feeds:  Next-generation information sharing must allow a state or region to publish its own information into fused dissemination streams if they so choose.  This will minimize the number of disparate systems that the end recipient has to deal with, making them more effective.  It will also provide many different perspectives regarding an ongoing threat or event.
  • Filtering and targeting:  Information must be targeted (centrally) and filtered (individually) to different kinds of communities, according to present conditions, user attributes (including real-time location), information rules, etc. 
  • Trusted computing:  Building trust into an information sharing system, technologically speaking, begins with the data, not with the database.  Policy-driven information controls, coupled with end-to-end enforcement mechanisms, enable highly secure data-level interoperability.  Greater information control leads to higher information assurance, which in turn helps create a trusted environment where members have the confidence to share and collaborate.
  • Communities of Trust:  Communities of Trust are a key element in the effective dissemination of information.  They disaggregate authorization and ID management bottlenecks, and distribute the very difficult, and critical, task of membership management (including, especially, change management).  By using Communities of Trust, policies can be highly variable across the trusted network, and be well understood and enforced within relatively small groups.  Plus, information can be tailored for delivery according to missions, situations, locations, and cross-organizational expertise.
  • Flexible policy:  In the event of an attack or natural disaster, information sharing policies may have to change dynamically.  Automated, flexible, cross-organization policy mechanisms enhance overall responsiveness, and can enable situation-based policy overrides by authorized personnel.
    Immutable audits:  Future homeland security information systems should hold everyone accountable for actionable information.  Having an audit that will show who got what, when, and what they did with it, will not only increase personal accountability, but also go a long way toward dispelling the “fog of disaster” during events, and promote learning from them afterward.

Conclusion

Though outside the scope of this paper, many proven, marketplace technologies are available today to support the high-level information sharing model outlined above.  These technologies come from many different vendors, and can be interconnected, and controlled, to produce new capabilities, connect previously isolated intelligence “dots”, and improve decision-making. 

These technologies range from Web portals, to cell networks, to geospatial information systems, to Web 2.0 style collaboration services…and much more.  Together, they have almost unlimited potential to improve national responsiveness and security. What’s needed is an operational framework that fuses them together—in ways that take heed of what security pros in the field have been saying, with remarkable consensus, for the last five years.

The theme of this feedback from the field is that the last thing professionals on the front lines of homeland security want is yet another standalone application.  Next-generation systems must begin by integrating with local technologies, policies and systems—so that new systems support and enhance existing capabilities, rather easily, instead of replacing them.

The authors believe that the federal government can play a key role in addressing this need for greater information flow and organizational connectivity by leading standards initiatives, and by supporting bottom-up growth of self-governing, cross-organizational communities, linked into a greater FSLTIPP homeland security community.  Because speed, flexibility and low cost are key user requirements, we believe that next-generation systems should leverage the nation’s existing public computing infrastructure to support these interconnected communities, while prioritizing the development of next-generation information controls within this infrastructure.

Introduction


Related Tags: , , , , ,

Listed below are links to sites that reference Comprehensive Homeland Security Communications Networks Proposed:

Trackback Pings

TrackBack URL for Comprehensive Homeland Security Communications Networks Proposed:
http://blog.tmcnet.com/mt3/t.fcgi/34902

Comments to Comprehensive Homeland Security Communications Networks Proposed


(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)