Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars     Apps     EBooks
   AFCEA logo
 

Connections With Protections

August 2002
By Maryann Lawlor
E-mail About the Author

Software facilitates shielded collaboration between agencies.

Technology is now available that allows various organizations to share information from their databases without compromising their sources or individual agency policies. The software would enable national security and law enforcement groups to coordinate their efforts by facilitating the tracking of suspicious individuals and their activities.

Recent events have demonstrated the catastrophic consequences of keeping key information in disparate locations. Each agency might have a piece of the puzzle, but without coordination, the entire picture cannot emerge. These problems have resulted from limitations in two important areas: policy and technology. On the policy side, law enforcement and intelligence organizations have distinct procedures that they follow—and for good reason. Keeping bits of information isolated prevents adversaries from being able to open one book, see all the information then take advantage of it. From a technical standpoint, a variety of currently available products provide individual capabilities but not a comprehensive solution.

While technology firms cannot solve the policy issues, one company has developed an approach that addresses the technical challenges by combining established products to provide one new solution. The iWay Security Exchange (iSE) combines capabilities created by two New York firms, iWay Software and IBM, using integration technologies. The software creates collaborative frameworks for exchanging security information across department, agency and national boundaries. iWay Software, an Information Builders Incorporated (IBI) company, specializes in middleware that accelerates business integration. While it is up to government leaders to determine the policies that will ensure U.S. security, company officials say once those policies are established, the iWay Security Exchange can provide the technical capabilities.

Larry Reagan, director of IBI’s federal systems group, Arlington, Virginia, explains that although policies are one key to sharing information, a technological leap also is required, and most government agencies realize that they are having difficulty getting to where they need to go. Part of the problem is that individual systems were built specifically so information could not be shared.

The second challenge is cultural, he adds. Asking agencies to share information when they are traditionally accustomed to protecting their data results in some reluctance. “There are a lot of reasons that information isn’t shared, but there’s a time that it has to be shared,” Reagan says. “But sharing must be based on rules, and that’s the major leap for the government to understand.”

Jake Freivald, director of marketing for iWay Software, agrees. “Many government organizations struggle with collaboration because of a variety of policy and ‘Washington culture’ issues. Technology alone cannot solve political and policy problems, but iSE can provide a partial solution in many cases or at least ensure that technology is not the major stumbling block,” he says.

ISE combines the three major integration types: straight-through processing, data consistency and composite applications. Straight-through processing automates step-by-step processes using a central integration broker that employs messages to coordinate the activities of many applications. Data consistency involves duplicating sets of data on a scheduled basis to ensure that information in one application is reflected correctly in another. Composite applications connect information systems, creating one application out of many.

The security integration suite and the information delivery suite are the two primary software suites that constitute iSE. While the first suite supports integration of information systems for composite applications and straight-through processing applications, the second focuses on composite applications for reporting and information delivery. A warehouse deployment option can be added to either suite to ensure data consistency.

Message delivery is provided through IBM’s WebSphere MQ message-oriented middleware. Intelligent message integration and routing is facilitated through IBM’s WebSphere Integrator. Formatting, transformations and adapter invocation occur through the iWay XML Transformation Engine. Information Builders’ WebFOCUS offers comprehensive data access and connectivity, and information can be delivered to Web browsers and wireless devices or through e-mail.

“Because every agency needs a combination of real-time and historical data, iSE provides the ability to report from a variety of information sources. Repositories such as data marts and data warehouses are usually considered the only source of analytical information, at the cost of limiting integration to the data consistency integration method,” Freivald explains. “But iSE also provides the ability to connect directly to over 140 live applications and databases or even information as it flows through an iSE straight-through process.”

Both Freivald and Reagan emphasize that iSE’s capabilities are based on established technologies, not beta versions. “The federal government wants tried-and-true solutions. If they don’t work, well, there is no option that they don’t work,” Freivald states.

Although sharing information and collaboration between agencies seems like the logical solution to the disconnects between intelligence, investigative and law enforcement organizations, several roadblocks prevent the free flow of data among these groups. Laws that protect privacy, civil liberties and the rights of American citizens limit types of information that can be shared. “No agency has only one task,” Freivald explains. Intelligence agencies, for example, must collect intelligence on foreign nationals, protect their sources through compartmentalizing and sanitizing the data, and preserve citizens’ rights by keeping citizen and foreign national data separate. An agency will—and should—balk when collaboration requirements appear to threaten its ability to function effectively, he adds. Although the USA PATRIOT Act, passed in October 2001, relaxes information-sharing standards, it is a long way from total sharing, Freivald says. USA PATRIOT is the acronym for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism.

While agencies are required to protect the information they have, they also must share it with organizations that have to follow different standards, requirements and legal mandates. In addition, current technical infrastructures could affect how an agency handles its information. Each organization has systems and policies in place that cannot be changed overnight, Freivald points out.

To facilitate working together more effectively, Freivald proposes that an information technology approach must support three capabilities. First, it must offer openness and flexibility so that information can be mapped in some type of conical format and be available to all the necessary operational systems. For example, Immigration and Naturalization Service (INS) problems, which were highlighted when the visas of the September 11 terrorists were delivered to their flight school months after the attacks, demonstrated that the decision-making process can take six to eight months. “It took a long time to process something that they should have never processed in the first place. If they are going to make the decision manually, then they should do it. But the processes in place at the INS did not allow people the time to do a lot of the things they needed to do to make better decisions. They have to automate the internal processes,” Freivald offers.

Second, interactions between various organizations need to be automated. For example, almost immediately after September 11, law enforcement and intelligence agencies determined who the hijackers were and what some of their movements were prior to the attack. This was accomplished because various groups quickly began to compare their information.

Freivald suggests that an automatic data checking chain could bring critical information to light faster. “For example, today, if you are stopped by the New York police for a traffic violation, they check with the New York Police Department to see if you’re wanted for another crime. We have to share that—check with—say the FBI [Federal Bureau of Investigation] or the CIA [Central Intelligence Agency] so they can check as well. It’s getting the information to the people on the street. Collaboration would happen in a very rapid, very automated way,” he relates.

Finally, Freivald maintains that better information must be collected. Even if other agencies do not have information that would indicate that a person should be detained immediately, they would now have, on record, data about the location of individuals. If a particular name appears repeatedly in their database, they may be able to recognize a pattern and decide if further investigation is necessary. For example, they may want to determine if the individual has a gun permit. “So the FBI can send out an agent even if it didn’t have enough information to tell the police officer that the person should be detained,” he offers. That’s an extremely complicated technology that hasn’t been figured out yet, Freivald admits, but adds that iSE might be able to make that capability possible.

Reagan notes that the iSE technology was developed in October 2001. “After September 11, we sat down and wanted to know what we could do. By the end of October, we had it down. We briefed government agencies and the Office of Homeland Security. Clearly, one of our concerns is that there hasn’t been a move to implement something like this. One question is the horizontal integration problem. Once we have a framework established, it could go along smoothly. There also is a vertical integration challenge of having the local, state and federal governments all communicating. But, our technology allows all of this to happen, and it can be done incrementally,” he says.

Government officials tell Reagan that technical solutions are being discussed and planned, but at this time not a lot of funds are being spent. “They are building or will be building a solution that the entire security of our country will depend on. So, they will take the right amount of time to do it right,” he emphasizes.

While there is a certain amount of “hurry up and wait” on the government’s part, Freivald remarks, critical needs are being met. “There are some things that people see as urgent, and urgent problems are being solved. For example, the New York Department of Health has under its domain hospitals, pharmacies and medical personnel. It has asked these groups to report certain symptoms that they are seeing to the department. All of this information is fed into back-end systems to figure out if there are clusters of symptoms. That is something that is immediate in nature and has bigger implications. They can talk to one of the CDC [Centers for Disease Control]. They have the information security because we have to be sure that this information cannot be tapped into and others, including terrorists, can find out what’s going on and plan a strike or change their plans based on the information,” Freivald states.

One federal organization already has examined iSE. The FBI’s Information Resources Division has tested the technology; however, representatives from the bureau will not comment on their findings.

Reagan and Freivald allow that there has been a lot of interest expressed in the technology, but action might not be taken until next year. “This is a big boat and it’s hard to circle. People are making life and death decisions, so naturally they will take the time to do it right,” Freivald concludes.

 

Additional information on the iWay Security Exchange is available on the World Wide Web at www.iwaysoftware.com.