Linux in Government: LAMP Solution for the "9/11 Commission Report" Recommendation

As you read this article, I urge you to visit the Web site I discuss
and actually test it. If you don't, then you're doing yourself
and you community a disservice. Sitting right under our noses,
open-source software is providing a solution right now to one of the
major recommendations sited in the http://www.9-11commission.gov/
9-11 Commission
Report of July 22, 2004: "unifying the many participants in the counter terrorism effort and
their knowledge in a network-based information sharing system that
transcends traditional government boundaries.

The many participants in the counterterrorism effort include state
and local law enforcement agencies, in addition to the FBI and CIA. In fact, the
reorganization of the agencies that make up the Department of Homeland
Security (DHS) was intended to increase information sharing. DHS has
screamed for information sharing for three years.
The Best They Can Do
DHS uses an acronym that people should recognize whenever it is used--ISAC. ISAC
stands for Information Sharing and Analysis Center. The
DHS
ISAC Web page states:

To help develop ways to better protect our critical infrastructures
and to help minimize vulnerabilities, The Department of Homeland Security
has established Information Sharing and Analysis Centers or ISACs to
allow critical sectors to share information and work together to help
better protect the economy.

ISACs provide the framework for data sharing throughout the economy and
the country as a whole. They also should provide a model for countries across
the globe that are at risk for terrorists acts.

The
ISAC for
Government, NASCIO (National Association of State Chief
Information Officers) says:

if the tragic lesson of September 11, 2001 has taught America anything,
it is the value of actionable information about criminal activities and
potential responses to those activities for the prevention of crimes. We
have learned that a vast quantity of such information has little or no
value in its undigested form. The "value add" comes when the information
is

1. collected in an organized way from vigilant and
   discerning sources,
2. analyzed for local and widespread
   implications,
3. used to advise potential targets, and
4. incorporated into future prevention
   efforts.

Moreover, all of this must be done in a timely and comprehensive
manner. The state CIOs, as the custodians of state critical information
assets and as facilitators of statewide information sharing, have much
to contribute to these goals.

Unfortunately, words on Web sites by a bunch of bureaucrats will not
stop terrorism. In fact, the tragic lesson of September 11, 2001, has
faded from memory. Law enforcement cannot work effectively when the
people in decision-making positions in our government fail to empower
them. Currently, the evidence points vividly to state CIOs who have failed to
implement any of the "value add" they claim to have.
Working with Disparate Systems
Distributing ISAC centers throughout sectors of the economy and government
can and should work to help hinder terrorist activities. By contrast,
consider the recent case of an al-Qaida hacker who was carrying a number
of disks and a laptop at the time of his arrest. His arrest lead to the arrest of numerous
cell members in England and the United States. By himself, the hacker was an
ISAC connecting numerous al-Qaida cells globally. Perhaps that fact should make
one stop and wonder if known terrorists share information better than we
do.

Industry executives recognize the issues stopping the US from implementing
the 9-11 Commission's recommendation. For example, Tom Richey, who leads
Microsoft Corp.'s
homeland security practice said in an article yesterday, "The biggest
barriers still remain cultural components, legal components
[and] political components. It requires leadership. It requires leaders
who are willing to embrace technology as a force multiplier for solving
these problems."

Analysts in the community know that Richey put it nicely. I simply would
have called them bureaucrats. You and I know that if Microsoft has
problems getting its solutions into ISACs, then the "components"
have remained immovable.

Fortunately, a viable Linux solution to the task of connecting disparate
databases over the networks is in existence today. This extant system connects a
variety of government databases with a LAMP Web services application
that is freely downloadable from the Internet. It allows one to search
disparate databases in disparate geographical locations.
Looking at the Solution
In the article mentioned above, Tom Richey also stated, "communities
have been moving forward toward information sharing since the Sept. 11,
2001, terrorist attacks, but technology hasn't been the problem." Perhaps
Richey stated it correctly. One might have an inclination to implement
technology more rapidly if it already existed with a Federal mandate to
use it. Given the choice, "political" components might be compelled to
implement an ISAC if they could see it, taste it and pay for it.

I have discussed this solution in public and private forums, with heads
of local government agencies and with advocates in the Open Source
community. I did not recognize the difficulty people had understanding
it, however, until I asked a colleague to load his browser and click on a few
links. My colleague, who had heard my presentation for over a year,
finally got it when he saw the application at work. Now, it's your turn.

First, with you Web browser, go to this URL: libraryoftexas.org. Once you get
there, you should see the screen shown in Figure 1.

Because you do not have credentials to log in to this system, you have
limited access to the Texas library catalogs, but you still can
see the application work perfectly. Now, click on the link at the bottom
of the right pane: "Click here for limited access to the Texas library
catalogs (no databases)."

You should find yourself on another Web page from which you can access
library catalogs by geographic regions. In reality, you have accessed a network
of different vendor databases holding large data dictionaries or
repositories of information. Each of these databases has a Linux server
connecting it to the Internet. On the public side of the Linux server
lies a LAMP Web services application. On the other side of the
Linux server reside a number of APIs interfacing with existing
proprietary system in the library. You now should now find a Web page
that looks like what is shown in Figure 2.

On this page, use the default region of San Antonio. Type in the word
Linux and click all the available boxes, including the vast Library
of Congress. You now are able to search all of these locations for
anything containing the word Linux. Click the orange Search button, and
a screen similar to the one in Figure 3 appears.

Notice the hourglass on the left of each database as the Linux server
starts searching for the information you requested. You also should
notice a progression of successes similar to the screenshot shown in Figure
4. This screenshot says Medina Community Library, and below you can see
it says "loading records".

Then, in Figure 5, you can see the sites as they begin reporting. In
this screenshot, Fort Bend County Library heads up the page.

In Figure 6, you can see the results from the Library of Congress. All
sites have reported in and are ready for you to access information with
the click of your mouse.

In that short amount of time--a minute or so--you searched millions of
records. The Linux servers collaborated together to unify
many participants "in a network-based information sharing system
that transcends traditional government boundaries".

Now, here's the kicker: These could have been any kind of database with
any kind of XML schemas. You could have used any of the
Justice XML data
models, including the model
for nationwide
AMBER alerts, which
local governments have been slow to adopt.

As you look at the application just demonstrated, imagine that these
databases contain immigration information, warrants, jail populations,
known terrorist files and activities. With the latter, perhaps the notes
on a known terrorist make no sense to a police official in Cameron
County. But perhaps the police official's surveillance
notes do mean something to a CIA analyst in Washington DC, something
critical to the lives of your family.
Final Notes
In an earlier article
Linux In
Government: Interoperability, I provided the download site for
this LAMP application and further explanations. If you now understand
how this Linux solution can allow us quickly to deploy information
sharing solutions in ISACs, then can we please do something about it?
Otherwise, as Microsoft's Tom Richey said, "The biggest barriers
still remain cultural components, legal components [and] political
components. It requires leadership. It requires leaders who are willing
to embrace technology as a force multiplier for solving these problems."
I simply don't want Microsoft to be right about this.

Tom Adelstein is the co-author of the upcoming book Exploring the
JDS Linux Desktop, published by O'Reilly and Associates.