Security takes a pragmatic turn

Technology for homeland security will be as progressive as biometric identification, data mining and pattern matching. It also will be as prosaic as making the nation's health databases talk to each other to pinpoint instances of bioterrorism.Agencies are asking for technologies that weren't in demand before Sept. 11, said Jim Geiger, senior vice president for federal civilian agencies at KPMG Consulting Inc. of McLean, Va. But few of the concepts have been sorted out or funded.In the meantime, Geiger said, agencies have to decide how to better use what they already have.On the evening of Sept. 11, while fires still raged in New York and Washington, Attorney General John Ashcroft announced that the Web site of the Internet Fraud Complaint Center, at , had become the central point for submitting online tips about terrorist activity.'The next morning we were taken to our knees by the volume,' said Bruce J. Brotman, CIO of the National White Collar Crime Center. 'We didn't have the bandwidth to support it.'The center and the FBI set up the site at a Fairmont, W.Va., data center two years ago to receive complaints about financial crime. Since Sept. 11, it has received more than 150,000 tips and tens of millions of hits. Lacking a budget to beef up its infrastructure to handle the traffic, the center asked Akamai Technologies Inc. of Cambridge, Mass., for managed-content delivery.Akamai activated its EdgeSuite service Sept. 12, and the site has not been down since, Brotman said.The White House Web site began using EdgeSuite in July following Code Red worm attacks there. The FBI began using it on Sept. 11, and the Centers for Disease Control and Prevention followed suit after the anthrax attacks the next month.They are what Christopher S. Carlston, Akamai federal sales manager, called the 'Oh, crap!' customers'reacting to a sudden emergency.'Some agency sites saw traffic increases of 2,000 percent' in the wake of Sept. 11, Carlston said. Lacking money and time for capital improvement to their infrastructures, they worked to maximize the performance of existing technology.The emphasis on functionality characterizes post-Sept. 11 federal IT, several industry analysts said.'Before that, even with the burst of the dot-com bubble, the focus had been on pushing 'the next new thing,' ' said Laurie McCabe, vice president of Summit Strategies Inc. of Boston. 'Sept. 11 changed that for good. I think we are looking at a very pragmatic decision-making period.'To mitigate risk, agencies look for proven technologies with a minimum of up-front cost, McCabe said.Such challenges are nothing new in the federal government. 'History did not start on Sept. 11,' said Mike McConnell, former director of the National Security Agency and now a vice president at Booz, Allen & Hamilton Inc. of McLean, Va. Current IT history began with preparations for the year 2000 transition, he said.Crisis management had been a big part of the year 2000 effort, but 'when that came and went, people shelved their plans,' said Bob Fortna, vice president of government solutions for Avaya Inc. of Basking Ridge, N.J. 'People felt safe, and it wasn't until Sept. 11 that they realized crisis management had to remain part of their plans.'Nevertheless, agencies are better off than before, Fortna said, because the transition forced managers to develop more sustainable systems.One problem often cited since Sept. 11 is the inability of agencies to share information outside their tightly defined mission areas. Data integration ideas have been sprouting up rapidly.Tom Conaway, managing director for federal services at KPMG Consulting, cited Pennsylvania's statewide Justice Network as an example of pulling together existing systems. JNet links legacy databases with a combination of middleware and public-key security, he said.Another way of making sense of information is to combine databases in a single data warehouse, KPMG's Geiger said.'What's out there now is all the data you can possibly imagine,' Geiger said. Agencies need tools to make sense of it and turn it into action, he said.But the required data mining capabilities are far beyond the reach of today's applications. Agencies 'need something that doesn't exist right now,' said Lawrence E. Brandt, manager of the Digital Government Research Program at the National Science Foundation.The challenge in data mining is to convert unstructured data'audio, video and document image files that are not in row-and-column format'into structured data, said Jeff Babcock, vice president of public-sector marketing at SAS Institute Inc. of Cary, N.C.Still under development are technologies for transferring video files into binary formats and then searching for desired patterns based on mathematical algorithms, Babcock said. Once intelligence officials have the patterns in hand, they can start figuring out the significance.That's sort of the reverse of steganography, a method of hiding messages in other messages or image files. For example, two images can look the same on screen and contain the same amount of data, but one can hold a hidden message, Georgetown University security expert Dorothy E. Denning explained.Americans haven't yet seriously debated the degree of freedom they are willing to give up to improve homeland security, said Louis H. Ray, president and chief executive officer of Materials, Communications and Computers Inc., an IT engineering company in Alexandria, Va.Should the government require a national passport for domestic travel? Should immigration officials track the movements of aliens to make sure they leave the country on schedule? Both policies would require sophisticated IT systems to carry them out, Ray said.A national identity card or passport probably would have to be a smart card with some biometric data about its bearer, such as thumbprints or iris scans.Ray said it's possible to equip public places with cameras and other noninvasive tracking systems to identify suspected terrorists by their facial characteristics. But it would require good-quality facial scans loaded into systems with broadband access, massive processing power and many terabytes of storage, Ray said.Conaway said state attorneys general have been asking him how to improve communications tools for front-line public safety workers.Even before Sept. 11, public safety officials were calling for more rugged handheld computers that can withstand wear and tear at disaster scenes. Eventually, the devices will become rugged enough, Conaway said.Officials at Avaya, a communications company, are seeing increased interest in backup systems, wireless networks and multiple lines of communication for government.At Entrust Inc. of Dallas, questions about virtual private networks have increased greatly, chief technology officer Brian O'Higgins said.Proposals abound for applications to help first responders locate and communicate with each other at disaster scenes. Spurred by the twin disasters of Sept. 11 and a tornado on campus two weeks later, University of Maryland researchers demonstrated that an incident-response kit could be put together quickly from off-the-shelf handheld computers, wireless links and solar panels.Governments have not been shy about asking for homeland security help from the private sector. In early November, the Defense Department solicited ideas to combat terrorism, which were due Dec. 23.'I suspect you will be able to fill a room with the paper responses that DOD will get from across the country,' Geiger said before the deadline. 'Probably not a small room.'For example, KPMG Consulting submitted a proposal for a national version of Pennsylvania's JNet, Geiger said.When presidential cybersecurity adviser Richard Clarke proposed GovNet, a secure, air-gapped private federal network, 167 companies responded to the General Services Administration's request for information. GSA expects to recommend steps to the White House by February.As for cyberterrorism, experts are divided on the real risks from unlawful destruction or disruption of digital property.'You can take out large portions of the IP infrastructure very simply,' said David von Vistauxx, chief technical officer of Trelex Ltd. of Falls Church, Va. 'We have never seen a really concerted effort to do that.'Not even the widespread Melissa virus of 1999 was that concerted an effort, von Vistauxx said. Melissa was a noncontinuous attack, whereas an intensive attack using multiple tactics could take down large parts of networks for several days to a week, he said.Although Sept. 11 was a wake-up call, the security lesson will have to be continually taught and learned, said Larry Wolfe, CIO at the National Institute of Allergy and Infectious Diseases.'As terrible as Sept. 11 was, I don't think it's going to solve the security awareness problem for all time,' Wolfe said.