Linux in Government: LAMP Solution for the "9/11 Commission Report" Recommendation
As you read this article, I urge you to visit the Web site I discuss and actually test it. If you don't, then you're doing yourself and you community a disservice. Sitting right under our noses, open-source software is providing a solution right now to one of the major recommendations sited in the http://www.9-11commission.gov/ 9-11 Commission Report of July 22, 2004: "unifying the many participants in the counter terrorism effort and their knowledge in a network-based information sharing system that transcends traditional government boundaries.
The many participants in the counterterrorism effort include state and local law enforcement agencies, in addition to the FBI and CIA. In fact, the reorganization of the agencies that make up the Department of Homeland Security (DHS) was intended to increase information sharing. DHS has screamed for information sharing for three years.
DHS uses an acronym that people should recognize whenever it is used--ISAC. ISAC stands for Information Sharing and Analysis Center. The DHS ISAC Web page states:
To help develop ways to better protect our critical infrastructures and to help minimize vulnerabilities, The Department of Homeland Security has established Information Sharing and Analysis Centers or ISACs to allow critical sectors to share information and work together to help better protect the economy.
ISACs provide the framework for data sharing throughout the economy and the country as a whole. They also should provide a model for countries across the globe that are at risk for terrorists acts.
The ISAC for Government, NASCIO (National Association of State Chief Information Officers) says:
if the tragic lesson of September 11, 2001 has taught America anything, it is the value of actionable information about criminal activities and potential responses to those activities for the prevention of crimes. We have learned that a vast quantity of such information has little or no value in its undigested form. The "value add" comes when the information is
collected in an organized way from vigilant and discerning sources,
analyzed for local and widespread implications,
used to advise potential targets, and
incorporated into future prevention efforts.
Moreover, all of this must be done in a timely and comprehensive manner. The state CIOs, as the custodians of state critical information assets and as facilitators of statewide information sharing, have much to contribute to these goals.
Unfortunately, words on Web sites by a bunch of bureaucrats will not stop terrorism. In fact, the tragic lesson of September 11, 2001, has faded from memory. Law enforcement cannot work effectively when the people in decision-making positions in our government fail to empower them. Currently, the evidence points vividly to state CIOs who have failed to implement any of the "value add" they claim to have.
Distributing ISAC centers throughout sectors of the economy and government can and should work to help hinder terrorist activities. By contrast, consider the recent case of an al-Qaida hacker who was carrying a number of disks and a laptop at the time of his arrest. His arrest lead to the arrest of numerous cell members in England and the United States. By himself, the hacker was an ISAC connecting numerous al-Qaida cells globally. Perhaps that fact should make one stop and wonder if known terrorists share information better than we do.
Industry executives recognize the issues stopping the US from implementing the 9-11 Commission's recommendation. For example, Tom Richey, who leads Microsoft Corp.'s homeland security practice said in an article yesterday, "The biggest barriers still remain cultural components, legal components [and] political components. It requires leadership. It requires leaders who are willing to embrace technology as a force multiplier for solving these problems."
Analysts in the community know that Richey put it nicely. I simply would have called them bureaucrats. You and I know that if Microsoft has problems getting its solutions into ISACs, then the "components" have remained immovable.
Fortunately, a viable Linux solution to the task of connecting disparate databases over the networks is in existence today. This extant system connects a variety of government databases with a LAMP Web services application that is freely downloadable from the Internet. It allows one to search disparate databases in disparate geographical locations.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
- Considering Legacy UNIX/Linux Issues
- Cluetrain at Fifteen
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- New Products
- Getting Good Vibrations with Linux
- Memory Ordering in Modern Microprocessors, Part I
- RSS Feeds
- Tech Tip: Really Simple HTTP Server with Python
- Security Hardening with Ansible
- Customizing Vim