June 2008 • Volume 6 • Number 6

Sharing With The Unanticipated User

To its credit, the government has heard the public’s demand for increased transparency; it’s insistence on information sharing between the federal, state and local governments and the private sector; all while respecting the public’s privacy concerns and meeting the rigorous security requirements of the post 9/11 world.

For information sharing to succeed throughout government, there has to be rules of the road. Those rules are set out in the National Strategy for Information Sharing published in October 2007.

According to the National Strategy for Information Sharing effective information sharing comes through strong partnerships among Federal, State, local, and tribal authorities, private sector organizations, and our foreign partners and allies; it enables information-driven and risk-based detection, prevention, deterrence, response, protection, and emergency management efforts.

Further, it provides “the vision for how our Nation will best use and build upon the informa­tion sharing innovations which have emerged post-September 11 in order to develop a fully coordinated and integrated information sharing capability that supports our efforts to combat terrorism.”

Ambassador Ted McNamara is the national Program Manager for Information Sharing (IS).  His job is to help implement the strategy. McNamara has said, “We are at the end of the beginning, when it comes to information sharing.  But we have a long way to go if we are going to share information as we must share it to protect the nation.”  He calls on government to “institutionalize Information Sharing as it evolves from the “need to know” to the “need to share” to now the “responsibility to provide”.

Five Distinct Challenges

But to reach the end, the nation must face up and meet five distinct challenges said McNamara, “because there is much more in front of us than behind.”

According to McNamara, we need to:

1.  Fix problem of reciprocity for personnel security clearances and facilitate accreditations. This is a significant problem in the government and even more so if we are going to get state, locals, tribal, private sector involved. “We have to get that problem solved,” urged McNamara.

2. Continue to define common processes and data standards to guide key IS activities such as those associated with Watch List, information alerts and other business processes.

“As an example, we recently released a common governmentwide set of data standards for suspicious activity reporting, so at all government levels all the way down to the cop on the beat we now have a common framework to sharing information with respect to suspicious activities with potential terrorism nexus,” said McNamara.

“All federal, state and local agencies plus the private sector will adopt these common standards and take them and apply them; so that we can take what I refer to as “snowflakes” of suspicious activities that no one could make a snowball of out them before because we couldn’t put this stuff together.”

Now with new system being tested in pilot and already being used in urban areas of southern California and LA, we have a method for making sure those individual suspicious activity reports are analyzed and looked at; and when brought to the attention of regional and national officials said McNamara.

Frankly, those types of changes and standards are going to have to occur faster if we are going to succeed.

3. Maintain the strongest commitment to the high national priority of preserving, protecting and defending information privacy and the legal rights of Americans.

We must do that to survive. We are beginning a long term transformation whose evolution can finally move the government into the new information age.  We need a national effort to responsibly guide a national IS effort that can protect our society and at the same time protect our liberties and either would not endanger the other.

4. Rationalize, standardize and simplify the procedures for marking up and handling terrorism information, homeland security information and law enforcement information.  McNamara said this is important particularly for that sensitive but unclassified SBU information. DOD is planning to transition to these new regime and taking a leadership role. “We must rationalize, standardize and simplify SBU or we are not going to be able to share outside the national security community effectively. Those outside this environment don’t get this type of information routinely. It must be made more understandable to that everyone can share the information.”

5. Accept and manage risk. We have to understand how to manage it and we can’t avoid it. We need to learn how to use risk models to mitigate risk and share information when warranted and permissible. This sharing has to occur within as trusted and secure environment and must be protected or won’t be shared. This is true in both public and private environments. While our information is well protected now, but not well enough. We must do better.

We have a new cyber initiative is because we are not sitting in a safe and secure environment today. Our networks are being attacked daily. We are challenged, threatened and penetrated,” explained McNamara.

“I come back to culture. We need to institutionalize a culture of information sharing among all echelons of government. This new culture of IS while its growing, is not a pervasive culture in the US government.”

“The need to know; the need to share; the responsibility to provide; we need mid-level managers to buy into this to make it work. They are like the top Sergeants; they make the services run, they make the stuff go.”

Finally, McNamara urged that we not hinder new technology tools. “Frankly it will be a disaster if the private sector and the society at large enter into the information world of the 21st Century and the government is condemned to remain in the 20th century and not even in the last decades of the 20th century,” he said.

Perspectives and Visions

Dale Meyerrose, the Associate Director of National Intelligence, ODNI, Van Hitch, CIO, Department of Justice, Mike Krieger, Principal Director, DOD, Chief Information Office and Robert Riegle, Director, State and Local Government Program Office, Office of Intelligence and Analysis at DHS talk about their vision for the future of information sharing during the recent Federal Executive Forum.

Q. What’s your vision for the future for information sharing?

A. Rob Riegle, DHS – On Fusion Center Progress and Inspiring The Workforce

 We’ve made a lot of progress here at DHS, our partners in the states and with the fusion center programs and with the national network of fusion centers. Our vision is to continue the implementation of that national network, working with those partners.

The strategy will connect more than 50 states and a lot of major cities’ fusion centers, and what we want to do in the federal government is to continue to partner with these people to understand what their needs are, get a clearer understanding of what the risks are and really cast the net much, much tighter over the next year and the years to come to make sure that we are catching all of those relevant pieces of threat information and really connecting the dots as envisioned by the 9/11 commission and then the 9/11 commission recommendations act.

The federal government has a daunting job ahead of us but it’s an achievable job, that’s the important thing. I think the one thing is we look forward and try to inspire our workers and our people that are out in the field doing this work, is that they have something that they can actually take a look at and actually believe in being achievable and I think that’s important.

Our vision has to match the vision of those out in the field, and we have to work very hard to continue the momentum we’ve had. Even after the administration changes at the end of the year.

A. Mike Krieger, DOD – On An Agile Collaborative Environment

 I think the vision is pretty clear, that you want to create an agile collaborative environment where everybody can participate and share what they know to accomplish the objective.

But it becomes a workforce issue. We are all digital immigrants, we came to this fight about information sharing late. But our sons and daughters and the people entering our workforce are digital natives. They don’t wear wrist watches because they’ve got PDAs and cell phones and other things. They share natively and they want to come into the workforce and share the same way. So we’ve got to change in order to adjust to the people coming into the workforce because they expect it.

Van Hitch, DOJ – On Google for Cops

I’ll start with my law enforcement hat on. I guess from a DOJ standpoint and law enforcement my vision would be Google for cops. Providing information that will help everyday law enforcement officers catch local criminals, drug cartels, prevent child exploitation, those kinds of things. Anticipate and solve and prevent everyday crime.

But as we know, we got started in this information sharing through trying to pursue counter terrorism and you only get to do that when you begin to connect the dots. So you’ve got to have all this great rich information on the local level before you can do that. So that’s where that plays in.

From our broader perspective as a participant in the information sharing environment, I just want to make sure that we are good citizens in that environment, we are a key part of the information sharing environment, and from a fusion center perspective, we need to enable local decision makers to quickly assess and determine whether an event is local or national, regardless of what kind it is, because that can prevent a lot of scare tactics and can prevent a lot of problems and can make sure that we address them as quickly as possible.

General Dale Meyerrose, ODNI – On Data and Invisible Technology

 We’ve talked about risk management, identity, data and governance. And that I think they are the nexus of the elements that we need to be working over in the next year or two. But I’d like to add some points to emphasize a couple of things. First of all I agree with the comment that data is becoming the center of gravity of what we are talking about; not so much the networks as we have previously done in the past.  I think that’s an important element when you are looking at this information sharing environment.

Second point I’d like to make. While many of us deal with technology, we’ve got to remember that technology is not what we are after. In fact we need to make the technology invisible. The more invisible, the more intuitive technology becomes, the better we get at information sharing.

And lastly as we look to the future, we’ve heard the terms generation X and generation Y. One is late to being digital, the other is growing up digital, I’d like to term generation Z: those born of those born digital. And I think that it’s important that we keep our eye on the art of the possible, doable and probable and be able to differentiate between all those. Therein lies I think the key to success of our strategies. ###

Changing The IS Dynamic

The whole dynamic about information security and information sharing has to change; we can’t look at them as a balancing act because it pits communities that need to work together against each other. At the same time, collaboration tools must furnish solutions about how we share information securely; where data has integrity and we can do trusted computing from an un-trusted computer.

Sharing information with unanticipated users is the ultimate challenge of information sharing.

This is a new, different challenge for information security professionals, who just a few years ago were consumed with intrusion detection, COOP, virus protection, firewalls and packing up data. That doesn’t mean these issues have gone away, but the reality of information sharing is that you have to be committed to share information with “unanticipated users”.

“That’s the new paradigm,” said DOD’s Mike Krieger. “No longer do I know who I can share with. The key capability is attribute based access control, so I can -- machine-to- machine -- decide whether you have right credentials to access that information.”

Krieger explained it’s all about the data and a key initiative is collaborating with both the intelligence community, DOJ and DHS on coming up with a universal core of semantics that is the heart of exchanging data.

“The key information is what, where and why and if we can agree on that (common language) then it is easy to horizontally share information across the federal government and with state and local governments and coalition partners.”

Services in Demand

As IS policy evolves –helping to breakdown a stove-piped government -- and the culture of sharing becomes institutionalized, the demand for technologies that actually do information sharing and collaboration is growing.

As a result, INPUT says the demand for information sharing products and services will drive double-digit growth in the areas of data management, information assurance and role based information security for the foreseeable future.

Examples of IS in action are DISA’s Defense Connect Online (DCO) by Carahsoft, also known as “the second button” and the E-CollabCenter from IBM.  This DOD e-collaboration tools offer users capabilities for online sharing, collaboration, and interactive discussion.

And the JITC just recently added Cisco’s Unified MeetingPlace to its approved product list providing videoconferencing and collaboration functionality into a single package. It includes voice, videoconferencing, chat web conferencing, as well as the ability to share presentations and applications.

Wikis are also growing as ways to share information and collaborate. For example, the State Department’s has Diplopedia which has 700 registered editors and contains about 3,700 articles. According to the department it takes about 15 to 30 minutes, depending on the user's comfort, to get people started. And the Joint Forces Command and the Marine Corps also have adopted wiki-like tools to share knowledge according to Kevin Marlowe, director of C2 analysis at the Joint Systems Integration Command.

National Data Exchange

At the FBI the law enforcement information sharing plan was developed in the 2004 timeframe according to CIO Van Hitch. “We have really been implementing since, but this past year and the current year are really big in terms of implementation and rollouts.”

Hitch said this is the year for the rollout of OneDOJ, which is the FBI’s regional initiative for law enforcement all over the country. “The center piece is our national system is called the National Data Exchange and has been implemented in its first form in March and is currently in pilot.”

“One of the things that we have developed as part of LAISP is the NIEM, which is a standard for data and message formats, the National Information Exchange Model,” said Hitch. “Standards are like religion, you have to do them and they are very good for you, but it is difficult to get people to focus on them, so it takes a lot of funding, support, and leadership in order to make NIEM successful. But we work very closely with the global group, which is a combination of state and local organizations as well as federal, DHS and the information sharing environment program managers’ office to really make NIEM as successful and to roll it out and adopt it in all its various forms to improve information sharing.”

Standards Are Key

While most of the discussion on IS focuses on policy and changing the “mindset” and “culture”, standards are essential if IS tools are really going to work. Take for example NLM’s Disaster Management Information Research Center and the P-25 Initiative and its quest for an interoperable radio for First Responders. They both need standards to function.

Developed by the DHS Science &Technology Directorate, “this portable radio prototype is designed to enable emergency responders—police officers, firefighters, and emergency medical service personnel—to communicate with partner agencies regardless of radio band. Seamless radio communications among multiple agencies would represent a significant milestone in overcoming the communications challenges our nation’s first responders have faced during large-scale emergencies.”

 The radio was recently demonstrated by DHS’s CTO Luke Klein- Berndt. “What we did by doing this demonstration, is we had a sampling of radios that were all in different bands representing the state police, and the local fire department, and the federal government. We showed how that one radio could have answered them all instead of this guy having radios clipped all over his body. And that is not uncommon. Whenever there are incidents that require multiple agencies, there are very, very frequently folks out there carrying multiple types of communications devices on them. It’s cumbersome.”

One of the big features for P25 is that it allows for interoperability explained Klein-Berndt. “It’s the Rosetta Stone that allows different manufacturers to talk together. So that’s very important for interoperability.” -- and information sharing.

Right Direction

Technology wise, certainly with the standards and with the various range of initiatives that are currently underway, we are heading in the right direction. But the real answer for the future is truly having a vision; having leaders with a vision that are working collaboratively across agencies and with industry to try to make that vision a reality.

The technology is not the challenge; technology can solve problems. What really has to be there is vision, which is leading requirements and leading change within the agencies.

Industry is doing its part in developing the technologies, but there needs to be a comprehension that there are very serious security implications and agreed upon policies concerning authentication, trust – and sharing with the unanticipated user.

So there is the movement to converge networks to a single infrastructure and more implementation of SOA – service oriented architectures – as a secure delivery mechanism. Add SOA to virtualization and you have the ability to load software on any laptop or desktop and effectively turn that into an encryption device.

With system access based on the roles, responsibilities and authorizations of the individual who owns that device, you have the ability to enable a community of users where you can assign the individual to a work group. This allows you to break away from the data fortress concept and move to the protection of the data itself. This in turn leads to greater agility in terms of being able to share information.

Progress Is Our Most Important Product

General Dale Meyerrose is the CIO at ODNI. He spoke about IS progress – and what still needs to be done.

“We are in the business of trying to remove institutional cultural and technological barriers to information sharing, not only within the intelligence community but with our many partners.

We do that by building common trust and information environment in which all intelligence is discoverable, mission accessible and creates a decision advantage for the U.S.

We are proud that we released the first information sharing strategy for the intelligence community and it showed how we aligned all of our information sharing efforts with everyone else in government and shows how we are establishing our baseline for IS to work on focusing on “our responsibility to provide”.

Over the course of the past year, we have also built stronger IS partnerships within the intelligence community through Director McConnell’s 100 Day Plan which completed last August and the 500 Day Plan of which we are about half way through.

We have also had success in implementing uniform policies to move from a “need to know to responsibility to provide” culture and we have first time in the community issued implementing standards for metadata tagging and other forms of interoperability.” ###

Working together – leveraging federal as well as state and local networks; moving relevant information and intelligence quickly; enabling rapid analytic and operational judgments – that is what the fusion center network is all about.

For Information Sharing, that famous slogan from the Cold War era is still as true today as it ever was. The biggest challenge is still to build that collaborative trust environment between Federal agencies themselves and with state/locals and private sector.

The issue comes down to how do we share information from the operation community to the non-operation community? That’s where the real barriers are. People who have to have that information to do their job are very conscious about with whom they share it. And they may not share because it may compromise the ability to do their job. So how does government break out of this “Catch-22” situation?

Getting Granular

 “We’ve taken some very great pains to try to really get down to a granular level with our state and local customers,” said Robert Riegle, Director of the State and Local Government Program Office, Office of Intelligence & Analysis, DHS.

“Keeping in mind that some of their information needs are unique, for example a maritime state is different from Arizona, we have no cookie cutter approach,” said Riegle. “That makes our job harder and that’s why important to have these partnerships and you get as much support from these communities as possible.”

One of the things DHS does is assess each one of their customers’ needs uniquely to get a handle on what 800,000 law enforcement personnel and 1.2 million First Responders need. “We are even working with individual tribes on their specific risks. This makes what we deliver to them more valuable because they don’t have to go through piles of data; they get actual ‘needles out of that haystack’ information.”

Feeling Comfortable

FBI CIO Van Hitch concentrates on delivering law enforcement information to the law enforcement community; where he runs into issues is when the FBI starts to share that information broadly beyond law enforcement.

“That’s why is very important with the fusion center concept that we are pursuing that we have the privacy and civil liberties guidelines in place,” explained Hitch. This is in addition to access protocols for ID management that provide privileged access to those systems.

“When those systems are in place, then we feel very comfortable then we can be sure that those who need the information will get it by role and in the same way they know where the information is coming from, noted Hitch. “So we need to make sure we take care of the privacy and civil liberty policies and well as the technology to make sure that is happening.”

It’s All About Information Assets

According to Mike Krieger, Principal Director of IT Management & Technology in the Office of the Secretary of Defense, the question isn’t identifying the stakeholders anymore.  “In the new world of IS, it’s all about information assets; we are separating data from applications and we are making both the information asset and the applications available as services. For Krieger that means adhering to the five tenants that enable IS:

Is the information asset visible? Can people find it? Is it discoverable?

Is it accessible? Are we willing to share this information and identify the business rules on who can access it?

Is the information asset understandable? “We can have discussions about the National Information Exchange and the Maritime Information Exchange, but they are semantics to make information accessible and understandable,” said Krieger.

Is the information trusted? Does the both the information producer trust that only authorized people will get it and will information consumer trust that the producer is the authoritative source?

Is it governable? Because we are sharing across information across the federal government and with coalition allies, state and local governments, and it must be governed.

“I look through this window: Is it visible accessible, understandable, trusted and governable,” noted Krieger. ###

“At the state and local level, they have a new post 9/11 job,” noted Ambassador Thomas McNamara, Program Manager for the Information Sharing Environment at the recent AFCEA Solutions Conference on Information Sharing. “They are the front line defenders against terrorism that has penetrated our borders. This is a new aspect of defense they hadn’t had to do before. We need to face this without exaggerating it, but not underestimating it either.”

McNamara explained that fusion centers play a decisive role and are a critical part of the president’s National Strategy for Information Sharing.  “They strengthen the nation’s ability to protect communities from future attacks.”

“Our business is to provide them the people and tools for their threat mitigation efforts on behalf of the rest of the national intelligence community,” said Riegle. “We push it down and also make sure that any information that’s revealed from their day-to-day activities is brought back into the federal government so we can get a better understanding of the risk we face on a national basis.”

Riegle explained that DHS uses fusion centers as a facilitation point for the information exchanges specific to threat information and also use them as a network themselves. As a result DHS has a vertical relationship with the state and locals and a horizontal relationship with federal partners.

Together “we think that represents the front lines of defense of really connecting the dots in our threat mitigation strategy broadly,” said Riegle. “By end of FY we plan to have 35 officers employed in fusion centers around the country and 40 will have connectivity to national level intelligence network through the DHS data network – a huge enabler for state and local officials.” ###