DHS unfolds new safety net

Since the Homeland Security Department's inception in early 2003, there has been speculation about how officials would set up a national network to share information among government agencies — from federal offices to local first responders — and between government and the private sector.

DHS officials partly answered that in February, when they announced the launch of the Homeland Security Information Network (HSIN), which will be DHS' primary tool for sending alerts and enabling organizations to work together in emergency situations.

Although the proposed network's concept has been welcomed, potential users of HSIN remain cautious as they wrestle with the technology, management and security implications.

"I think HSIN will fill a big void in terms of moving sensitive information from the federal to the state level and then eventually to the local level," said George Foresman, Virginia's assistant to the governor for commonwealth preparedness. "But unless we get it right, we could end up with 50 different networks with no way to move the information around."

Foresman and others are concerned that department officials have not sought non-DHS users for input on the network's design. With an aggressive timetable for the introduction of HSIN, there is a narrow window of opportunity for collecting comments.

To hasten its development, the new network will be based on the Joint Regional Information Exchange System (JRIES) and will build on and link to existing systems as much as possible.

The plan's first phase, scheduled for completion this summer, will deploy a basic version of HSIN to Washington, D.C., all 50 states, 50 major urban areas and five territories. It will connect more than 300 state and local government entities and more than 5,000 officials, who will be able to send and receive sensitive-but-unclassified data during this phase.

Meanwhile, network developers will work to elevate HSIN's security level to secret, at least for passing information among DHS and state governments. The goal is to finish the bulk of this work by the end of the year.

DHS officials intend to pay for the introduction of HSIN to the county level. For expansions, the DHS Office for Domestic Preparedness will award grants.

DHS officials don't want to mandate the final form of HSIN. Although secret-level connections to the states will likely be dictated by federal officials, state officials will have more input into the developments of connections to local governments and among local entities.

HSIN is distinct from the Homeland Security Data Network, which will be a private network for securely passing classified data among DHS' 22 agencies. The department awarded Northrop Grumman Corp. a $350 million contract to design, implement and manage this network. Its first phase could be completed by the end of the year.

JRIES began as a pilot project by the Defense Intelligence Agency, the New York City Police Department Counter Terrorism Division and the California Anti-Terrorism Information Center. Initially promoted by Defense Department officials for a force protection role, JRIES clearly had broader capabilities and eventually expanded to include other agencies.

So far, JRIES has facilitated collaboration among law enforcement agencies for activities such as threat analysis. It has also provided real-time links between the Homeland Security Operations Center and counterterrorism teams at high-profile events such as this year's Super Bowl and Sugar Bowl football games.

To minimize costs, JRIES operates as a secure layer on top of the Internet and uses widely available commercial products. Microsoft Corp.'s SharePoint Web portal and SQL Server provide the main network and database functions, for example, and Groove Networks Inc.'s Workspace product drives the collaboration side of JRIES.

Event-driven communications

Work spaces are at the heart of how HSIN will work. As emergencies or other events occur, anyone on the network can create a work space for that event. Automatic messages about the space are sent to other users, who receive a flag for an invitation to join. Clicking on the flag puts users into the space where they can see real-time information on the event and can interact with others to plan a response.

Users can have multiple work spaces simultaneously, which the JRIES experience demonstrated is important, said Dave Fowler, vice president of marketing and business development at Groove Networks.

"One of the things we've found happens with emergencies is that people have data coming in from multiple sources and they want to organize that data according to each source, and then they want some way to aggregate all of that data," Fowler said.

Groove developers designed Workspace by applying the concept that users should not have to worry about issues such as network bandwidth or the locations of various individuals. With Workspace, the network architecture takes care of that, Fowler said. As long as users are connected to the Internet, the Groove Networks product will find them and update the data in their work spaces

automatically.

Data collection and aggregation on HSIN will be the job of Verity Inc.'s K2 Enterprise software, which uses Web crawlers — intelligent agents that scour Web sites for information — to locate data in content repositories connected to the network. The software analyzes and organizes the data so HSIN users can search it.

One of the advantages of Verity's approach is that the data doesn't have to be moved from its original site to conduct a search, said Andrew Feit, the company's senior vice president of marketing. Instead, the software creates a fingerprint of documents so that users can find profiles of the content through queries. Users who have proper security clearances can then view the requested documents.

Officials methodically constructed JRIES through piloting and prototypes, which simplified integration of commercial products, said Michael Kushin, senior vice president of ManTech International Corp.'s Information Technology Group. The group was the JRIES systems integrator and is helping develop HSIN.

Because of HSIN's aggressive schedule, this process won't be possible. The trick, Kushin said, will be to make sure that extra developments are "kept simple, because there is no need for super-duper technology in this."

Team play needed

Cultural and acceptance issues could be a problem, as they tend to be in projects that cross jurisdictional boundaries. One of the major lessons learned in developing JRIES was that potential users should be involved early in the process.

"For HSIN, it will be vital to get advocacy from communities of interest upfront," Kushin said. "Users have become very active advocates for JRIES, and we want to make sure the same is true for HSIN. It's important because those advocates have a major role in bringing new members on board."

In addition to technology considerations, government officials continue to debate policy issues, such as balancing national security needs and civil liberties, Foresman said.

"People are still not comfortable with it, and this kind of cultural change doesn't happen overnight," he said. "There's an exceptional level of timidity in state and local government over whether HSIN is a solution to this or, over time, will just be another 'energy sucker.'"

Charles Jennings, chairman of Oregon's Regional Alliance for Infrastructure and Network Security (RAINS), believes the concept of HSIN is a huge step forward because the network would be a flexible and interoperable backbone that could support many applications and local networks. And although it's largely rhetoric at this point, he said, "it is the right rhetoric."

RAINS is a public/private partnership that began in early 2002 as a way of using existing

assets to forge secure, interoperable communication links for homeland security. The network, which represents the type of local network to which HSIN would connect, started operating last year with an automated response system linking local emergency workers with other homeland security organizations.

DHS officials must be careful not to script everyone's approach to HSIN, he said.

"Every trusted network I have been involved with since 1991 has grown spirally from the bottom up, and that's how it begins to address people's needs," Jennings said. "It's very hard to architect this kind of thing."

Organizations at the state and local levels haven't been included yet in HSIN's planning or development, he said. He met with DHS officials last month in Washington, D.C., and they said they plan to do more to contact outside organizations now that they have addressed many of the most urgent internal DHS consolidation issues.

"They seem to have discovered that [HSIN] is not something that will be solved inside the Beltway," Jennings said. "I got the sense that perhaps things are changing and that we [at the state and local levels] are being taken more seriously."

Nevertheless, he is still unsure how direct an impact he and his peers might have on HSIN's development.

For industry leaders, HSIN raises many management issues, particularly about who gets what information, said John Sabo, business manager for security, privacy and trust initiatives at Computer Associates International Inc. They are also concerned about moving information to the appropriate locations and providing security for such transfers.

There's still some uncertainty about where to place various interfaces among networks and what information the interfaces need to share, he said.

"HSIN has been presented to us as a broad and deep reach into various [public and private] sectors," Sabo said. "The problem is that the deeper you get [on the public side], the less distinct is the knowledge about what information can and cannot be released. There's a great concern in the private sector about what information can be released to government and if it will be protected."

There's also a concern about how to manage any overlaps of network interconnections and information repositories that might result from HSIN's deployment. Although DHS' plan for HSIN does look appealing, Sabo said, "on our end, manageability is a real concern."

Federal government officials must realize that they are entering a new phase of dealing with states and local communities. They must meet with governors and other officials to hash out plans, Foresman said.

DHS "now has to get into the business of being more proactive," he said.

Robinson is a freelance journalist based in Portland, Ore. He can be reached at hullite@mindspring.com.