You may not need a weatherman, as Bob Dylan asserted, to know which way the wind blows. On the other hand, access to such information doesn’t hurt—particularly if you want to know which way the wind will be blowing.

This and other instances of information sharing, or infosharing, involves getting the right information to the right people in a form that’s useful, while at the same time making sure that what should be kept confidential or secret remains that way. For those involved in homeland security, it’s a task that can present some special challenges. There are multiple jurisdictions involved, differing levels of expertise and funding, and varying security clearances. Fortunately, hardware and software advances are making infosharing easier.

Software successes

On the software side, one example comes from the company NC4, based in El Segundo, Calif. The company provides E Team, an information management software platform aimed at homeland security, emergency management and corporate security applications. It can be hosted locally or remotely, so that jurisdictions can tailor the cost and capabilities to meet their needs.

E Team itself had been around for a decade but NC4’s involvement goes back only four or so years, said Richard Andrews, NC4’s senior director of homeland security. The key to the system is the format and structure of the data entry. “There are a number of different forms that comprise the system,” explained Andrews.

Those forms can be modified somewhat to fit particular circumstances, and new ones are always being developed. Having a common format ensures that needed information, such as a request for police, is properly captured. This commonality also makes it possible to achieve widespread and rapid situational awareness.

Robie Robinson is director of security and emergency management for Dallas County, Texas, and is part of a region-wide solution to share emergency management information across 245 jurisdictions covering the Dallas-Ft. Worth metroplex and surrounding areas. The region, which covers a 16-county area and 6 million people, is in the process of implementing E Team.

Robinson noted that in the past resource requests arrived by phone, fax or e-mail. The new system will offer several advantages, he said. “Number one, it’s recorded. It’s there. It doesn’t get dropped. It’s not written on a Post-it note. Number two, by doing it that way, the information is available to a broader range of people.”

A further advantage shows up in any after-the-fact analysis. Having a clear record of what requests arrived when and the subsequent response should make the post-mortem of an event more effective.

The Microsoft solution

Another infosharing software example comes from Microsoft. The Redmond, Wash.-based company is developing solutions for fusion centers, said Joe Rozek, executive director for homeland security and intelligence. As might be expected, these solutions are built upon Microsoft products, in part under the assumption that most jurisdictions will already own many of the components.

One goal is to provide the software needed for fusion centers that handle infosharing for all threats, all crimes and all hazards. Microsoft’s Active Directory technology with its controlled access helps ensure that the right information gets to the right people, while other components handle the display of the data.

As for the benefits of such an all-encompassing fusion center, Rozek painted a scenario of a fire at a house under surveillance by police as a possible location of a drug lab. The fusion center could provide information the rolling fire truck would need, said Rozek. “This place is under surveillance for drugs and it has the possible precursors for a HAZMAT issue or explosives issue.”

Another benefit might be a more efficient use of an analyst’s time. Today, analysts might be totally engaged with troopers in the field, leaving them little time for higher-level investigations. If their load can be lessened, then they can look for wide area or long-term trends.

Hardware advances

Finally, there are also hardware solutions for infosharing. One of the issues in any homeland security setting is that all traffic, both voice and data, is increasingly in packets traveling under Internet protocols. Traditionally, decisions about flow and filtering for such traffic are done by examining the header, but not the contents of the packet.

The problem is that the packet may be headed for an acceptable destination but contains an inappropriate payload. An e-mail, for example, might inadvertently contain information about a threat, which if leaked could compromise an investigation or security.

Privately held Bivio Networks of Pleasanton, Calif., tackles such issues through hardware-based deep packet inspection. The company’s appliance inspects the packet payload, operating at layers five through seven of the standard seven-layer communications model. Tim Waters, vice president of sales and marketing of Bivio, said the company’s products offer data rates up to 10 gigabits per second, fast enough to inspect content without impacting throughput.

“Deep packet inspection allows the agencies or our customers to begin to look at and understand and—most importantly—make decisions based on the content itself,” said Waters.

Those decisions would be made by applying rules or policies to the data. Properly done, such rules would help ensure that the wrong information didn’t leak out, while still allowing necessary traffic through—such as data from the weatherman about which way the wind will be blowing tomorrow. HST