Security agencies face many data-sharing obstacles

Homeland Security CIO Steve Cooper briefs FOSE attendees about the department's data-sharing initiatives. He recently told Congress collaboration efforts are 'back on track.'

Henrik G. de Gyor

Government officials agree that sharing homeland security information among federal, state and local agencies will greatly improve their ability to protect the country from terrorism, but working out the details on how to do it has proven a formidable barrier.

Most of the obstacles to information sharing aren't technical, officials from several levels of government said this month at FOSE 2004. Instead, the hurdles result from clashes on cultural and policy matters.

A recent move by the Homeland Security and Justice departments to resolve longstanding barriers to integrating their respective homeland security information sharing networks illustrates this point.

After a year and a half of delay, DHS officials in charge of the Homeland Security Information Network last week appeared poised to begin interconnection talks with their counterparts who run the Regional Information Sharing System, a Justice-funded law enforcement network that links about 160,000 users. HSIN has about 50 users and is set to grow to about 200 by the end of the year.

Homeland Security CIO Steve Cooper acknowledged the delay in connecting the networks in testimony before the House Homeland Security Select Subcommittee on Cybersecurity, Science, and Research and Development. 'There was a period of time when the connection was not occurring,' Cooper said. 'We recently have gotten that back on track.'

Riss.net officials said they have sought to create links between their network and HSIN, formerly known as the Joint Regional Information Exchange (JRIES).

HSIN's program manager, retired Air Force Col. George Marenic, said policy and security issues prevented links between his network and Riss.net when DHS secretary Tom Ridge announced the system's rollout in late February.

Whether cultural and policy problems have been solved, technical issues may still lurk in the background of the Riss.net-HSIN interconnection. Although DHS officials have said they plan to upgrade HSIN to function at secret and higher classifications in addition to the sensitive but unclassified level, the National Security Agency has raised a red flag about HSIN's security.

Larry Castro, NSA's representative to DHS, warned the department's Information Analysis and Infrastructure Protection Bureau in a recent memo that HSIN might not be secure enough to carry classified information.

'Our sense is that using JRIES as the basis for a classified system would be very difficult, given accreditation requirements,' Castro noted. The requirements call for security features and testing to protect classified information.

Castro offered to assign an NSA staff member to the department to provide IT security help and to evaluate HSIN. Cooper said DHS would accept NSA's help.

While DHS and Justice seem to be resolving their integration problems on the data-sharing network, many other information projects face similar hurdles.

At FOSE, Chip Hines, program manager for the disaster management e-government project in DHS' Federal Emergency Management Agency, detailed a cultural issue.

'Fire departments, police departments and emergency medical services departments are different communities that have different cultures,' he said, noting that even terminology differs.

Panelist George Ake, the District of Columbia's program director for the Capital Wireless Integrated Network, which weaves together wireless systems in the Washington region, said he was struck by the cultural differences that emerged when various types of first responders met for the first time on the CapWIN project.

'I am a [former] police officer,' he said. 'When I went to talk to the transportation, fire and EMS representatives, that was a very interesting day.'

Ake noted that the disparate groups even view geography differently. Police agencies divide their zones by beats, transportation agencies by mile markers and fire departments by call box areas.

Kenneth Cassine, FBI supervisory special agent and chief of the bureau's Law Enforcement Online unit, said policy changes since the Sept. 11, 2001, terrorist attacks have overcome the bureau's traditional reluctance to share information. Bureau officials now are sharing unclassified intelligence reports, known as tearlines, with outside agencies.

'In the past, that information never would have left the building,' he said.

More in common

The FOSE speakers agreed that harmonizing data standards will lower technological barriers to information sharing. Hines said his program is developing Extensible Markup Language standards for alert systems.

Through the XML standards process, FEMA had achieved 'something we didn't think would be easy'which was to get different manufacturers to sit down and exchange information,' Hines said.

Homeland security agencies simply shouldn't buy equipment from vendors who won't adopt open standards, Ake said.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above