Homeland Defense Portal Unlocks Information

July 2005
By Maryann Lawlor
E-mail About the Author

The command center of the Cheyenne Mountain Operations Center, North American Aerospace Defense Command (NORAD), is the fusion center for data from other centers within the command. Portal technology will improve information sharing among personnel at NORAD, the U.S. Northern Command (NORTHCOM), other combatant commands and Canada
Decision makers can let their fingers do the talking.

The combatant command in charge of U.S. homeland defense is in the midst of creating a one-stop cyber shop for information. The initiative supports a trusted information exchange by laying the foundation of an emergency event management framework. Developers contend that the tool will proffer the data and knowledge that commanders, agency leaders and law enforcement personnel need to make appropriate decisions during a crisis, and it ultimately will capture the decision-making process so it can be reviewed after the event has ended.

In an evolutionary process, the U.S. Northern Command (NORTHCOM), Peterson Air Force Base, Colorado Springs, Colorado, has been moving toward improved information sharing for the past two years. NORTHCOM’s mission—to deter and defeat threats against the United States—requires interaction with security organizations, all the armed services and government agencies. Its geographic area of responsibility includes the continental United States, Alaska, Canada, Mexico and the surrounding waters out to approximately 500 nautical miles as well as the Gulf of Mexico, Puerto Rico and the U.S. Virgin Islands. With a mission so far reaching, a community so large and an area of responsibility so vast, cyberspace may be the only place big enough to congregate.

Adding to the mix is the symbiotic relationship between NORTHCOM and the North American Aerospace Defense Command (NORAD), Cheyenne Mountain, Colorado. Because their missions are complementary, the two commands must be able to share information easily with each other and with other partners when a situation erupts.

Lt. Col. (Sel.) James A. Clark, USAF, chief, enterprise solutions branch, NORTHCOM/NORAD, is coordinating the effort to provide the commands’ decision makers with an interactive cyber environment that meets today’s basic requirements and that will offer additional features in the future. The new portal is the next logical step in information sharing for the command. In 2002 when NORTHCOM stood up, it had only a Web page. In 2003, the command began using Microsoft Team Services software, which came standard on its systems. While addressing some of the shortcomings of previous solutions, the portal is compelling the commands to address new challenges.

Team Services software allowed users to format pages, alleviating the bottleneck that results when only webmasters control this capability. While certainly an improvement over a static Web page, the move still did not create the total information-sharing environment the command desired. Users viewing information, for example, could not determine whether the documents were the final version or a draft.

It was this challenge that drove the command to the portal solution offered by Microsoft’s SharePoint Portal Server 2003, the colonel says. “With the portal, the content and the format are controllable by the user, so the portal becomes a focal point of information. It includes document workspaces and collaborative workspaces and the ability to move Web parts in and out. For instance, as in My AOL or My MSN, you can put a part for weather for your town on there or a news Web part, and it’s updated automatically,” Col. Clark explains.

Establishing this first piece of the portal is just the beginning, the colonel allows, and work currently underway will deliver what he calls “portal plus.” The portal team is now developing merging capabilities and collaborative tools that will further improve information sharing. For example, users will be able to conduct audio conferencing and videoconferencing from their desktops through a Web conferencing feature, and users will be able to capture and save conversations from chat sessions.

In addition, the ability to see presence information will be added, so users can move the cursor over a document title to see who posted it as well as if the document’s creator is online. “I know whether you’re online, I can instant message you and say, ‘I read your document, and I have a question.’ That’s another piece of the portal that we’re working to move toward. I would say that we’re within six months of putting that in place,” Col. Clark relates.

Another element of the portal is content management. Facilitating fast information sharing requires workflow automation. The colonel notes that automatically notifying users about updates to information will expeditiously get the most current data into the hands of the people who need it. In the area of event management, for instance, personnel preparing situation reports will be able to share their report with others for review and evaluation. When the document is updated and posted on the portal, decision makers will be alerted automatically that a new situation report is available.

Excluding the Joint Worldwide Intelligence Communications System, NORTHCOM and NORAD have three networks: the secret Internet protocol router network (SIPRNET), the nonsecure Internet protocol router network (NIPRNET) and the secret Releasable to Canada (RELCAN) network. Col. Clark says the portal team’s goal is to ensure that all networks have the same look and feel so users are familiar and comfortable with the tools no matter which one they are using. This approach saves training time, he adds.

The portal has been rolled out on the SIPRNET, and Col. Clark says the NIPRNET should be part of the portal by late summer. It is accessible to anyone with a .mil or .gov address. The challenge in the NIPRNET domain is defining the level of information sharing that can take place with users who have a .com address and who may very well be important participants in resolving an emergency situation.

From the trusted information exchange perspective, Col. Clark says the goal is to be able to share appropriate information between these domains with relative ease. This is not possible with current portal technology, he notes, but within the trusted information exchange framework, sharing information using collaborative tools such as the portal’s chat capability may be possible. Several multilevel classification chat initiatives are currently underway within the government that would allow users to communicate between the classified and unclassified networks using instant messaging, he offers.

Personnel in NORTHCOM’s Domestic Warning Center continually monitor developing weather conditions such as hurricanes. NORTHCOM can share this information with other commands and government agencies to prepare to assist other organizations after natural disasters.
“We’re following those efforts and trying to make sure that the solutions we put in place are in line with what the U.S. Defense Department does. We work very closely with DISA [Defense Information Systems Agency], DHS [U.S. Department of Homeland Security], the National Geospatial-Intelligence Agency through some common operational picture initiatives and some of the other combatant commands through different working groups to stay involved across the board. That way, we’re not pushing something that is 180 degrees out from where the rest of the Defense Department is going,” Col. Clark states.

Although it is important that NORTHCOM and NORAD are able to communicate with a multitude of organizations, the colonel points out that the level at which the interconnection takes place must be examined. “Finding what level of interface we want among portals is probably one of the next steps that we need to tackle as different organizations go through this process,” he says.

Amos Auringer, program manager, NORTHCOM/NORAD, explains that the portal team is examining some of these issues in terms of a service-oriented architecture. The capabilities boil down to two issues. One is whether the underlying technologies are compatible; the other involves the organizations’ data requirements and exchange capabilities. “It comes back to the enterprise architecture and understanding your operations and the data required to support those operations, and that will be different for every entity. Each organization has to understand, within its own enterprise architecture, its information exchange requirements and has to identify them before implementing technology,” Auringer says.

Col. Clark offers some examples of the portal’s role in helping manage events and in supporting other organizations. As hurricane season begins, NORTHCOM and NORAD as well as other organizations will start to track the weather. Because this information is available in the portal, all Defense Department personnel will be able to view a common operational picture of both weather reports and the military base infrastructure throughout the United States. This picture allows them to evaluate a hurricane’s potential effects and to anticipate which bases could support civilian organization efforts.

Although NORTHCOM does not lead emergency preparation or relief work, it still plays a vital role. From the preparation standpoint, the command may place personnel in an area on high alert and may preposition trucks and supplies to support the federal and state agencies in charge. Once the president approves a governor’s request for federal assistance, the command would provide assistance.

NORTHCOM also can employ the portal in its mission to deter and defeat terrorists, Col. Clark says. When the command receives information from forward-based combatant commands about the location and movement of dangerous individuals, it can track their activity using the SIPRNET to determine how they may attempt to enter the United States, for example. This information can then be passed on to law enforcement officials for further action.

In addition, because NORTHCOM has a macro view of events occurring throughout its area of responsibility, the information can be shared with the DHS or with other law enforcement agencies to deter an attack. Because much of the decision-making information in these two instances would be shared through the portal, it can be captured for archiving and review, the colonel points out.

Putting so much information at the fingertips of computer users empowers them but also poses challenges, Col. Clark admits. Policies and processes must be in place to control access so users fully understand the implications of the technology. This is the reason Maj. Gen. Dale W. Meyerrose, USAF, chief information officer of both commands, stresses that transformation involves culture first, process second and technology third, he states.

Records management is one item that must be addressed. While the Defense Department has a policy regarding archiving material used during decision making, this policy has not yet been extended fully to electronic media. “For instance, say there is a secret-level phone conversation, and we initiate different phone conferences when an event happens. When you’re in this phone conversation, people are making decisions based on information received. How do you record that information? What’s a record? What’s not a record?” Col. Clark relates.

Auringer adds that while current policies do not address instant messaging tools specifically, they do address content. If decisions are being made at the command level, he explains, rules govern how the information should be handled and archived. “The format of how to archive a chat session and logging in, well, there isn’t a standard across the Defense Department for that yet,” he says. Col. Clark notes that the portal team is providing input to the department about standards and capturing the electronic information.

Choosing the right chat tool is another challenge the portal team must address. “We’re using one chat infrastructure right now called Internet Relay Chat, or IRC, on our SIPRNET, and we’ve been looking at a replacement. But we think that’s going to be a Defense Department enterprise solution, and DISA is exploring some options right now. So we’re waiting on them to come to us with what they’re going to recommend as a chat solution,” the colonel states.

“One of the reasons we rolled out SIPRNET first was that it was a little bit simpler, but it helps drive us and helps us understand the technical solution required to open up our environment to external users. One of Gen. Meyerrose’s strategy pieces is that our trusted information exchange be accessible from anywhere in our area of operations within 20 minutes. That requirement gets us into identity management. How do I know you are who you say you are when I’m trying to share information with you? So that’s a challenge for us, and it’s one of the pieces that we’re working,” he says.

Information assurance has been a high priority throughout portal development, the colonel maintains. The command has been working with a number of industry partners to ensure information security and to explore other areas such as extending the portal to mobile devices like cellular telephones and virtual private network connections.

The command also is examining how to use the portal for application integration. Col. Clark explains that the first level of integration involves the ability to link to a Web page through the portal. The second level would allow users to view documents residing at other locations from the portal page. Although he is not sure how it would be used, the final level would enable users to pull data from other locations into their portal page, use it for decision making then archive it there.

In the future, the colonel says the team would like to build a situational awareness dashboard that would display status information to commanders. Databases from throughout the commands’ areas of responsibilities would feed into this dashboard so commanders would have the most up-to-date information automatically.


Web Resources
U.S. Northern Command: www.northcom.mil
North American Aerospace Defense Command: www.norad.mil