WASHINGTON – The fact that two of the terrorists involved in last months hijackings and attacks on the World Trade Center and the Pentagon were on an FBI watch list and yet were not flagged by the airlines, airline security or others is a point not lost on government officials.
Now former security officials from the Clinton administration say that integrating data between federal law enforcement and defense agencies has taken on a degree of importance at the highest levels of government that are levels of magnitude greater than it was before Sept. 11.
Samuel “Sandy” Berger, the former national security advisor to President Clinton, and R. James Woolsey, former director of the Central Intelligence Agency, laid out their concerns here Wednesday at a seminar titled eGovernment Integration and National Security.
EAI (enterprise application integration) software developer webMethods Inc., of Fairfax, Va., which sponsored the seminar, had planned the event before last months attacks, but officials said the gravity of the integration issue enabled organizers to line up the distinguished speakers.
The seminar raised a many questions but participants could only just begin to provide some answers.
While its not clear exactly what information should be shared with which offices – from the federal level to state and local municipalities – the priority seems to be to enable law enforcement, intelligence, immigration and customs agencies be able to share information.
What type of integration platform should be used is also unclear. WebMethods CEO Phillip Merrick said that his company deploys a message broker architecture when performing data and application integration projects for governmental agencies.
What is even more murky is how policy and politics will define which applications and databases need to be integrated within the labyrinth of the U.S. government. Berger and Woolsey both suggested that the most serious issues blocking rapid integration are more around policy and politics than technology.
“Databases equal budgets,” said Berger, who is currently the chairman of Stonebridge International LLC, a business strategy firm located blocks from the White House. “If [an agency] gives up control of their database, they give up their budget. There is nothing people in government will fight harder for.”
In his presentation, Woolsey highlighted issues of national security, privacy and legislation. He pointed out that security can be breached not only by hackers outside the government, but also by those that are working within the government.
Likewise, he pointed out that privacy must be protected on some level – though such considerations can be suspended during war time, he added. In some cases legislation has been passed that makes it impossible for certain organizations, the grand jury for example, to share information with other agencies, he added.
Woolsey said he has been working with a company called Invicta Networks Inc., that provides a system of continually moving IP addresses and in some cases moving ports on a network to ensure security. The company also adds a layer of security by communicating in encrypted form, network-to-network. While he did not endorse Invectas software as the solution to protecting integrated information, he said it is essential that information be disseminated on a “need-to-know” basis only.
“Something is going to have to be done to protect us from the wonderful openness of the Internet,” said Woolsey, who is currently a partner in the law firm of Sheq & Gardner in Washington. There is the possibility “that someone put some really ugly code on all routers at some later date. If youre worried, you should be. We have to figure out a way that the only people who get information are the ones who are supposed to and not some hacker.”
Both men agree that the problems surrounding integration are not insurmountable.
When asked what could be done at the senior level of government to quickly change policy and perhaps lessen the politics that surround giving up control over data, Berger said priorities have changed and that may help.
“Sept. 11 changed the world,” he said. “You dont have to convince [Secretary of Defense] Don Rumsfeld this [data integration] is a priority.”
Software industry and government insiders, Berger included, are looking to the newly created Office of Homeland Security for direction and action.
“If I were [Director of Homeland Security] Tom Ridge the first dollar I spend would be to be able to talk to each other in real time,” said Berger.
Before that can happen, according to Berger, the office of Homeland Security must have the authority to pass federal budgets – since integration on a mass scale will be a costly undertaking.