|
CENDI PRINCIPALS AND ALTERNATES MEETING |
Department of Commerce, hosted by the National Technical Information
Service
Washington, D.C.
October 22, 2002
WELCOME
Ron Lawson, Director of NTIS, opened the meeting at 9:15 am and welcomed everyone to the Department of Commerce. He introduced Benjamin Wu, Deputy Under Secretary for Technology at the Department. Mr. Wu also welcomed the CENDI members. He noted that when the Department of Commerce talks about research and development (R&D) efforts, it focuses on partnerships, which are particularly critical for anti-terrorism, economic recovery, and homeland security. New paradigms for relationships must be developed among agencies; among federal, state and local entities; and between those that perform R&D in the government and private sectors. He sees CENDI as a model for such collaboration.
"Challenges in Disseminating Homeland Security
Information"
Steve Cooper, Special Assistant to the President and Senior Director for
Information Integration
White House Office of Homeland Security
Mr. Wu introduced Steve Cooper, Senior Director for Information Integration at the Office of Homeland Security (HS). Mr. Cooper came to HS after many years in information technology (IT) and information management in the private sector.
Mr. Cooper began by stating that information collection and sharing are at the heart of the homeland security efforts. The Administration has three objectives with regard to essential information for homeland security: 1) integrate the federal government, 2) integrate the federal with the state, local and tribal entities, and 3) integrate the government and private sectors. It isn't possible to do this without help from organizations like CENDI that already are involved in information and IT integration.
The proposed legislation includes a scientific and technical (S&T) directorate responsible for R&D related to weapons of mass destruction (nuclear, biological and radiological). There would be leadership on homeland security technology based on the current programs of the national laboratories that would come under the Department.
A new directorate would be created to provide information analysis and an infrastructure for security information. The directorate would act as an aggregator rather than a raw data collector, and it would be a member of the intelligence community. This type of organization does not exist operationally in the government or the private sector. The goal is to reach out to other agencies and organizations to obtain the information. This approach would allow the HSD to focus on other areas of importance to homeland security. In preparation for the presentation, Mr. Cooper reviewed DTIC's Current Focus web site and NTIS's Homeland Security Information Center. By building on such existing initiatives, HS could achieve a point of presence faster than developing it. Mr. Cooper noted that there may be good areas to partner with what CENDI represents.
Currently, the Homeland Security Office does not have anything in place except a link off the White House homepage, and the preference would be not to reinvent the wheel. Information centers would be created to handle the aggregation of existing information. If necessary, these information centers would categorize, index, and provide access to the information.
First responders (police, fire, public safety, and EMTs) would be a primary audience for the information that would be analyzed and aggregated by this directorate. Recent forums in Georgia and Pennsylvania provided an opportunity for first responders to express their needs and concerns. In general, first responders think that the federal government does not manage and disseminate the relevant federal information well. We need to get information specifically to state and local entities. Information for municipalities is particularly difficult since there are so many of them. Intelligence information must be delivered in usable form. Some classified information must be turned into unclassified information.
The important content is not just documents or structured information. Geographic information systems (GIS) and video are also important. Almost everything has a spatial component and the work of the National Spatial Data Infrastructure (NSDI) and the National Map are extremely important.
The transition team might have a day-one objective to implement a portal for internal use by the 170,000+ employees of the new Department, followed by an external portal which would provide views based on the role of key user groups; e.g., first responders, critical infrastructure personnel, federal employees, etc. Varying levels and degrees of access will be needed along with transaction capabilities, both at the door of the portal and when the user gets into the content.
There are three challenges to achieving these objectives. The first involves
the development of a two-way flow, particularly among first responders. Some
first responder communities are well connected while others are not. Public
health, for example, is the least well connected nationally.
Another challenge is to involve the private critical infrastructure community,
composed mainly of the security people in relevant companies. These companies
are particularly concerned about sharing proprietary information with government
entities and they need assurance that information will not be shared with competitors.
The legal experts are looking at the Freedom Of Information Act (FOIA) to see
if any adjustments are needed to ensure that private sector information can
be secured. The balance of privacy and security is a critical problem for Homeland
Security.
The third challenge is to keep the average citizen engaged and informed. What should he/she be aware of in day-to-day activities? One type of transaction available from the homeland security web site might be the ability for members of the public to fill out a "shield report" online with immediate routing to investigative entities.
After these opening remarks, Mr. Cooper opened the floor to general discussion.
Concerns about sharing information with the federal government can be alleviated by focusing on interoperability rather than building large databases, which will raise concerns about the federal government gathering information. Mr. Cooper describes it as a "network of networks". On the IT side, we know how to do this but the key aspect is a social one. The integration must be both horizontal and vertical, and this is much harder to do because it involves tying together communities of practice (the vertical) and communities of interest (the horizontal). The bigger challenge is for these communities to "think outside their comfort zone" in terms of who they deal with and how they share information.
Incentives are needed for non-federal entities. These incentives can be in the form of tactical information from which the person or organization benefits, advice as to what technology to buy, and funding with which to buy it. Mr. Cooper noted that there is money in the ITS bill. When that and the appropriations are available, pilot projects will be awarded. The projects would be less than $1M each and able to be completed in three to six months. The projects must cross boundaries both vertically and horizontally, include a link to a federal agency, and result in a real product. A pilot that serves multiple purposes would be evaluated more highly. The Federal Geospatial Data Committee (FGDC) is a model for the kind of vertical and horizontal, multi-sector activity the team would be looking for, and there is a need for similar multi-sector, standards activities in wireless and other IT areas.
He noted that he is working closely with Dan Chenok of the Office of Management and Budget (OMB), Office of Information and Regulatory Affairs (OIRA) on classification and unclassified information guidance on Homeland Security.
DTIC's Current Focus began with unlimited, unclassified information only. However, it is possible to handle sensitive but unclassified information using DTIC's LDAP capability. However, two problems have been identified. First, DTIC does not have enough resources to continue this effort without additional funding, and it is hard to define who the customer is for groups such as first responders. Who are they? Are they trustworthy? Mr. Cooper indicated that HS will be able to help with this identification.
In terms of appropriations, Mr. Cooper is becoming more pessimistic as the legislation is delayed in Congress. However, we need to keep working toward integration and support for the HS information needs. The agencies are not being asked to do this for free, but to consider how to use resources in new, more integrative ways. Ms. Carroll noted that Science.gov was created with existing systems and information products, and with only limited additional funding from FirstGov. This could serve as a model, but the limitations need also to be recognized.
Mr. Cooper was asked about the dissemination of the R&D that would be produced by the new Department itself. The national laboratories would bring their mechanisms along as they move into the new Department. There would need to be an inventory of the research that is being conducted, how it applies to homeland security, and, whether it should be reprioritized. The goal is to make sure that R&D is not duplicative and to ensure some near-term results. Key areas are biometrics, sensing, and explosives.
Susan Tarr from the Federal Library and Information Center Committee (FLICC) indicated that the federal library community is interested in coordinating support for homeland security in advance of any formal effort. In response, Mr. Cooper emphasized cooperation among the agencies proposed for transition to HS. Eliot Christian (USGS) noted that the Disaster Management Team, which is interagency, has been looking for a content management team and would like to talk to the federal librarians. Mr. Cooper encouraged both groups to interact with him and each other.
Prue Adler of the Association of Research Libraries (ARL) asked how the new Department would interact with the academic research community. She noted that much of the relevant research at the national laboratories is actually conducted by researchers in the academic community through grants. In turn, academic libraries support these researchers. Mr. Cooper was unaware of the involvement of the academic community in this R&D. He asked for recommendations on how this interaction might take place and how the appropriate partnerships could be created.
Mr. Smith noted CENDI's working group on Security and Privacy and how there is a delicate balance.
Mr. Cooper offered to continue these discussions with the group or members of the group. He can be most easily contacted through Tom Bold of NTIS (tbold@ntis.gov), who is currently on detail to the Critical Infrastructure Assurance Office.
In transition to the CENDI discussion with Dan Chenok, Mr. Cooper mentioned
the history of the directive in process. Originally, there was an initiative
to issue a Presidential Directive on unclassified but Homeland Security-sensitive
information. That changed and a decision was made to move to OMB guidance. It
will address information that begins life in the Intelligence Communities, becomes
unclassified, and goes to first responders. It will also focus on vulnerabilities
and risks around critical infrastructure. He noted that 90 percent of the nation's
information is owned by the private sector, companies who don't want to share
their vulnerabilities. It is well-known that the government can't keep a secret
and there are real concerns that private sector organizations could be sucked
into hearings and other processes. So there is attention being given to how
to protect their information under FOIA. Are any adjustments needed? The discussion
then moved to Dan Chenok's remarks.
"Sensitive Homeland Security Information in the New Environment"
Dan Chenok, Information Policy and Technology Branch
Office of Management and Budget/Office of Information and Regulatory Affairs
(OMB/OIRA)
Dan Chenok began his remarks by stating that information termed "Sensitive Homeland Security Information" is a small but important part of the homeland security issue. The deputy secretaries of the core agencies raised the issue in meetings several months ago, pointing out the fact that first responders need key information, which often resides in multiple agencies.
Director Ridge asked OMB/OIRA to draft a definition of "sensitive homeland security information" within the existing law and policy (the Paperwork Reduction Act and FOIA). How do we know what it is? How do we share it and with whom? How long does it hold this status?
Only a small category of information should be impacted. Mr. Chenok emphasized that this guidance is not a new classification regime. "Sensitive homeland security information" is unclassified information. The deputies did not want to get into security clearances. R&D results are not affected, since the regular classification regime is most appropriate for R&D. Under NSD-189, fundamental research remains open. The guidance is intended to achieve a consistent understanding and to insure that, when it is applied to individual agency regimes, it will be similar.
Meetings were held with stakeholder groups and OIRA received good feedback. The Office of Science and Technology Policy (OSTP) has attended the meetings, and Dr. Marburger, Director of OSTP, testified last week. OMB and OSTP are working closely together on this issue. The guidance is currently in the internal agency process and will be out for public sometime "over the next several months."
Discussion
Ms. Carroll noted that, in the past, CENDI looked at the different ways in which agencies mark distribution limitations. That was difficult enough in the paper environment. The electronic environment adds considerable complexity to how to mark documents and have common interagency understanding about what the markings mean. Mr. Chenok mentioned that the E-government Bill (Electronic Government Act of 2002) has a standards process, which will allow for more systematic review of information standards, including the changing of limited distribution materials to publicly releasable. CENDI may have good input to that process.
On another issue, Mr. Chenok was asked about the content model being developed. He referred the group to a Canadian web site that has many elements of what Mark Forman is looking for.
Mr. Chenok was also asked about E-government legislation. The legislation is
moving down several different tracks simultaneously. The Senate version is attached
to other legislation, while in the House it is standalone. E-government and
homeland security have similar characteristics and challenges. They seek to
integrate government operations for increased efficiency and real-time support
to decision making, and they rely on strong security balanced with privacy.
"NTIS Update and New Directions"
Janice Coe, Associate Director,
Office of Business Development, NTIS
Ms. Coe discussed both new distribution mechanisms for traditional NTIS materials
and new products and services. NTIS receives no appropriations so it is unique
within the department. It makes money on what it sells and also deals with inherently
governmental information.
Traditionally, users have had to pay for access to the NTIS database of bibliographic
records. Now, through NTIS' Virtual Library Initiative, the 750,000 bibliographic
records from 1990 forward can be searched for free. Many of these records are
linked via the web to online documents hosted by the originating agencies. The
user has the option to download the document for free from the originating agency's
web site or to request the document from NTIS. If the document is 20 pages or
less, the user can download the document free from NTIS. Documents over 20 pages
cost $8.95 to receive in printed form or on CD. The CD option can also be customized,
and requests for multiple materials in the same transaction result in discounted
prices. Generally, if the user orders a document in the afternoon, the product
will be shipped the next day.
NTIS has also developed the Homeland Security Information Center (HSIC) <www.ntis.gov/hs>. It includes key information categories: Health and Medicine, Preparedness and Response, Safety Training, Food and Agriculture, and Biological and Chemical Warfare. NTIS created the content for the HSIC by searching and selecting sites from the existing NTIS collection of technical reports, videos and training materials. Currently, the site does not have multi-level security, but NTIS is investigating this. NTIS would like to become the focal point for homeland security information.
NTIS has also introduced an e-learning site. The agency believes that e-learning supports e-government initiatives, and it fits the NTIS experience and mission. NTIS does not develop the courseware but provides the system and staffs the helpdesk. Several years ago, NTIS developed the Application Services Provider model which was unique at the time. The ADL Co-Lab (Advanced Distance Learning Network's collaboration laboratories) cited NTIS for this system.
NTIS hosts and provides operating support for the Defense Acquisition University's (DAU) distance learning system. There are over 62,000 users at DAU, and this number could triple over the next few years. Therefore, NTIS is developing a new Learning Management System for release in January-February 2003 to replace the current system. The next generation will be compatible with Sharable Content Object Reference Model (SCORM) and, therefore, it will be 508-compliant. (SCORM defines a Web-based learning Content Aggregation Model and Run-Time Environment for learning objects. It is a collection of specifications that provides a suite of e-learning capabilities that promote interoperability, access, and reuse of learning objects.)
NTIS acts as a service provider for a number of agencies. This mechanism can provide savings to agencies since the infrastructure is shared over multiple customers. NTIS hosted the IRS.gov site from 1996-2002. The agency hosts about 11 sites including Customs, Labor, and the Social Security Administration's National Save for Your Future site. NTIS has extensive Virtual Private Network expertise. It can operate behind federal firewalls and provide access to the public.