Linux in Government: LAMP Solution for the "9/11 Commission Report" Recommendation

by Tom Adelstein

As you read this article, I urge you to visit the Web site I discuss and actually test it. If you don't, then you're doing yourself and you community a disservice. Sitting right under our noses, open-source software is providing a solution right now to one of the major recommendations sited in the 9-11 Commission Report of July 22, 2004: "unifying the many participants in the counter terrorism effort and their knowledge in a network-based information sharing system that transcends traditional government boundaries.

The many participants in the counterterrorism effort include state and local law enforcement agencies, in addition to the FBI and CIA. In fact, the reorganization of the agencies that make up the Department of Homeland Security (DHS) was intended to increase information sharing. DHS has screamed for information sharing for three years.

The Best They Can Do

DHS uses an acronym that people should recognize whenever it is used--ISAC. ISAC stands for Information Sharing and Analysis Center. The DHS ISAC Web page states:

To help develop ways to better protect our critical infrastructures and to help minimize vulnerabilities, The Department of Homeland Security has established Information Sharing and Analysis Centers or ISACs to allow critical sectors to share information and work together to help better protect the economy.

ISACs provide the framework for data sharing throughout the economy and the country as a whole. They also should provide a model for countries across the globe that are at risk for terrorists acts.

The ISAC for Government, NASCIO (National Association of State Chief Information Officers) says:

if the tragic lesson of September 11, 2001 has taught America anything, it is the value of actionable information about criminal activities and potential responses to those activities for the prevention of crimes. We have learned that a vast quantity of such information has little or no value in its undigested form. The "value add" comes when the information is

  1. collected in an organized way from vigilant and discerning sources,

  2. analyzed for local and widespread implications,

  3. used to advise potential targets, and

  4. incorporated into future prevention efforts.

Moreover, all of this must be done in a timely and comprehensive manner. The state CIOs, as the custodians of state critical information assets and as facilitators of statewide information sharing, have much to contribute to these goals.

Unfortunately, words on Web sites by a bunch of bureaucrats will not stop terrorism. In fact, the tragic lesson of September 11, 2001, has faded from memory. Law enforcement cannot work effectively when the people in decision-making positions in our government fail to empower them. Currently, the evidence points vividly to state CIOs who have failed to implement any of the "value add" they claim to have.

Working with Disparate Systems

Distributing ISAC centers throughout sectors of the economy and government can and should work to help hinder terrorist activities. By contrast, consider the recent case of an al-Qaida hacker who was carrying a number of disks and a laptop at the time of his arrest. His arrest lead to the arrest of numerous cell members in England and the United States. By himself, the hacker was an ISAC connecting numerous al-Qaida cells globally. Perhaps that fact should make one stop and wonder if known terrorists share information better than we do.

Industry executives recognize the issues stopping the US from implementing the 9-11 Commission's recommendation. For example, Tom Richey, who leads Microsoft Corp.'s homeland security practice said in an article yesterday, "The biggest barriers still remain cultural components, legal components [and] political components. It requires leadership. It requires leaders who are willing to embrace technology as a force multiplier for solving these problems."

Analysts in the community know that Richey put it nicely. I simply would have called them bureaucrats. You and I know that if Microsoft has problems getting its solutions into ISACs, then the "components" have remained immovable.

Fortunately, a viable Linux solution to the task of connecting disparate databases over the networks is in existence today. This extant system connects a variety of government databases with a LAMP Web services application that is freely downloadable from the Internet. It allows one to search disparate databases in disparate geographical locations.

Looking at the Solution

In the article mentioned above, Tom Richey also stated, "communities have been moving forward toward information sharing since the Sept. 11, 2001, terrorist attacks, but technology hasn't been the problem." Perhaps Richey stated it correctly. One might have an inclination to implement technology more rapidly if it already existed with a Federal mandate to use it. Given the choice, "political" components might be compelled to implement an ISAC if they could see it, taste it and pay for it.

I have discussed this solution in public and private forums, with heads of local government agencies and with advocates in the Open Source community. I did not recognize the difficulty people had understanding it, however, until I asked a colleague to load his browser and click on a few links. My colleague, who had heard my presentation for over a year, finally got it when he saw the application at work. Now, it's your turn.

First, with you Web browser, go to this URL: Once you get there, you should see the screen shown in Figure 1.

Because you do not have credentials to log in to this system, you have limited access to the Texas library catalogs, but you still can see the application work perfectly. Now, click on the link at the bottom of the right pane: "Click here for limited access to the Texas library catalogs (no databases)."

You should find yourself on another Web page from which you can access library catalogs by geographic regions. In reality, you have accessed a network of different vendor databases holding large data dictionaries or repositories of information. Each of these databases has a Linux server connecting it to the Internet. On the public side of the Linux server lies a LAMP Web services application. On the other side of the Linux server reside a number of APIs interfacing with existing proprietary system in the library. You now should now find a Web page that looks like what is shown in Figure 2.

On this page, use the default region of San Antonio. Type in the word Linux and click all the available boxes, including the vast Library of Congress. You now are able to search all of these locations for anything containing the word Linux. Click the orange Search button, and a screen similar to the one in Figure 3 appears.

Notice the hourglass on the left of each database as the Linux server starts searching for the information you requested. You also should notice a progression of successes similar to the screenshot shown in Figure 4. This screenshot says Medina Community Library, and below you can see it says "loading records".

Then, in Figure 5, you can see the sites as they begin reporting. In this screenshot, Fort Bend County Library heads up the page.

In Figure 6, you can see the results from the Library of Congress. All sites have reported in and are ready for you to access information with the click of your mouse.

In that short amount of time--a minute or so--you searched millions of records. The Linux servers collaborated together to unify many participants "in a network-based information sharing system that transcends traditional government boundaries".

Now, here's the kicker: These could have been any kind of database with any kind of XML schemas. You could have used any of the Justice XML data models, including the model for nationwide AMBER alerts, which local governments have been slow to adopt.

As you look at the application just demonstrated, imagine that these databases contain immigration information, warrants, jail populations, known terrorist files and activities. With the latter, perhaps the notes on a known terrorist make no sense to a police official in Cameron County. But perhaps the police official's surveillance notes do mean something to a CIA analyst in Washington DC, something critical to the lives of your family.

Final Notes

In an earlier article Linux In Government: Interoperability, I provided the download site for this LAMP application and further explanations. If you now understand how this Linux solution can allow us quickly to deploy information sharing solutions in ISACs, then can we please do something about it? Otherwise, as Microsoft's Tom Richey said, "The biggest barriers still remain cultural components, legal components [and] political components. It requires leadership. It requires leaders who are willing to embrace technology as a force multiplier for solving these problems." I simply don't want Microsoft to be right about this.

Tom Adelstein is the co-author of the upcoming book Exploring the JDS Linux Desktop, published by O'Reilly and Associates.

Load Disqus comments