Airport Security Programs A Summer Priority
A senior Transportation Security Administration official outlined a slew of
test programs for this summer, intended to protect airports using biometrics
technologies.
The pilot programs and operational tests reflect a desire to use eye, face
and hand recognition systems in securing all facets of an airport, said Rick
Lazarick of the TSA’s security laboratory. “Congress seems to be
turning up the wick on biometrics,” he told a recent National Defense
Industrial Association conference.
Many projects are meant to expose systems to real-world conditions to evaluate
their effectiveness. Some of the programs provide identification screens on
airport employees, while other programs seek to ease security on regular travelers.
The Airport Access Pilot program is putting five technologies to the test,
including finger printing, voice pattern and facial recognition systems. The
optimum placement and types of surveillance systems also will be evaluated,
as well as access control via next generation ID cards. The program will be
in place at a handful of airports through the summer, lasting until 2005.
The Transportation Worker Identification Cards program will craft an advanced
employee recognition system—a “smart card” that can be used
at several airports. The Transportation Worker Identification Card ultimately
will be implemented as a nationwide system for verifying the identity of transportation
workers and validating their background information. An in-flight verification
system for pilots, Lazarick noted, “has not gained a lot of traction.”
The “Registered Traveler” program will also start this summer,
giving routine, repeat passengers the chance to gain special status that keeps
them off security lines. The idea is to “reduce the haystack” and
ease the burden on airport screeners, Lazarick said. He noted that there have
been initial discussions about expanding the program beyond aviation. A similar
program is being administered by United Airlines for passengers traveling through
Dulles Airport in Washington, D.C.
Data Mining Not Yet Ready To Take on Terror Cells
Despite advances in the science behind data mining—the use of software
programs to sift through reams of data to find suspicious patterns—the
practice may not be ready for full-scale use in homeland security and terrorist
hunting, according to a leading expert.
Chief among the limitations is a lack of real-world examples to create the
profiles that suggest dangerous activity, according to Bhavani Thuraisingham,
director of the information and data management program at the National Science
Foundation.
“To apply data mining, you have to learn from the past. There are not
enough real training examples, so we have to come up with hypothetical examples,”
she said a recent conference. “The question is, can you build a model
with only 10 good examples? The answer is usually no.”
Another limitation cited by Thuraisingham is the complexity of building real-time
mining programs that can collate massive amounts of data under time constraints.
“Right now, we need humans in the loop to examine the results. Automatically,
the system can not say, ‘This is a false positive.’”
Real-time data mining currently is being used for credit and calling card fraud
detection, but Thuraisingham said in those cases models can be crafted ahead
of time, and “we still don’t have a way to build models in real-time.”
Other uses for data mining may include using the system to monitor data from
biological sensors, medical databases and to protect networks from hackers.
“This is a very new area. Before 9/11, not many people were talking about
data mining for counter terrorism,” she added.
Hovering over the discussion was the issue of privacy violations. Last September,
Congress shut down a Pentagon program called Total Information Awareness citing
privacy concerns. Politicians from both sides of the aisle raised fears that
the project was collecting too much personal data in its attempt to find terrorists.
The General Accounting Office released a report last month noting that the
Defense Department had the largest number of data mining efforts, primarily
aimed at managing human resources. Defense was also the most frequent user of
data mining for analyzing intelligence and detecting terrorist activities.
The system of using personal and demographic information to profile possible
terrorists raises the hackles of civil right lawyers and privacy advocates,
but Thuraisingham said encryption technology may be employed to lessen the exposure
and avoid misuses of personal information.
In balancing privacy against effective data mining, Thuraisingham said she
was worried “that we might try to do both and fail at both…We can’t
get hung up on privacy while we’re doing this important work.”
Maritime Test Center Off to Rolling Start
The freshly opened Maritime Domain Awareness Center (MDAC), established to support
the Coast Guard’s Deepwater transformation program, is already moving
ahead and processing upgrades for three ships a month, according to officials
who run the test facility.
By the time of its ribbon cutting at the end of April, the MDAC had already
been at work for six months, testing systems and software prior to installation
in newly built or retrofit ships. The USCG Cutter Matagorda was upgraded with
a command-and-control system and put to sea in early March.
The largest recapitalization program in U.S. Coast Guard history requires a
large, high-tech test center to ensure the interoperability and quality control
of electronic systems involved. The Deepwater contract was awarded to Integrated
Coast Guard Systems, a joint venture between Northrop Grumman and Lockheed Martin.
“One of the hardest things to do is go to the shipyard and test systems
for the first time. It really saves a lot of money to work out bugs in the labs
rather than in the yard,” said Patrick Ewing, Lockheed’s senior
program manager. “When you get to the yard, you want to be on a higher
level of system testing.”
Equipment bound for refitted ships or aircraft are loaded with software, tested
in simulators and run through a gamut of interoperability examinations. After
gaining a seal of approval, engineers from the center accompany the equipment
to the end user for installation and instruction. For new hardware, that process
begins during construction.
“In the past, interoperability was a plug-in after you built a system,”
said John Leonhardt, senior manager of engineering at MDAC. “What we’re
designing here is developing around interoperability from the start.”
The $9.4 million MDAC, which boasts 16,000 square feet of lab space at its
Moorestown, N.J. location, serves as the practical test ground for assets required
for the Deepwater effort, including command and control platforms for the National
Security Cutter and Maritime Patrol Aircraft.
The center offers a permanently staffed “help line” to assist sailors
in the field and can connect to ships at sea to provide support. There are duplicate
systems in the labs and at sea, to make it easier for support technicians to
help Coast Guard personnel.
U.S. and Europe Reach Data-Sharing Accord
The European Commission and the United States settled more than a year’s
worth of negotiations with an agreement for the Commission to share airline
passenger data with the Department of Homeland Security.
The agreement sought common ground between the requirements of the U.S. customs
and the European Union’s data protection legislation. Finding a solution
between these two sets of laws—one to protect privacy and the other to
gather personal information—proved a challenge, officials said.
“The biggest hurdle was the months of negotiations it took to get the
agreement,” said Homeland Security Deputy Undersecretary Asa Hutchinson,
who helped negotiate the agreement in Paris. “Part of the problem they
had was the perception that we don’t have stringent privacy laws in the
U.S.”
The Bureau of Customs and Border Protection and the Transportation Security
Administration require access to airline passenger names in advance of their
arrival to identify possible terrorists or criminal offenders. European airlines
were faced with either complying with those requirements and risking the European
Parliament’s legal wrath, or ignoring the requirements and triggering
intensive searches of their passengers entering the United States.
Addressing the European concerns meant American concessions, including setting
a three-and-a-half year time limit on long the data will be stored, limiting
how many data elements will be collected and agreeing to a joint review of the
process every year, according to statements from European negotiators. U.S.
authorities will not be permitted to collect race, ethnic origin, political
opinions, religious or philosophical beliefs, trade union membership or health
records in the screening process.
Ridge Promises Interconnectivity By Summer’s End
An information network linking senior decision-makers will be available by the
end of summer, Homeland Security Secretary Tom Ridge told the National Committee
on Terrorist Attacks Upon the United States.
Speaking in New York City, Ridge said that two communications hubs—the
National Infrastructure Coordination Center for the private sector and the Homeland
Security Information Network for government entities—will be expanded
to include governors, homeland security advisors and emergency operations centers
in major urban centers, tribal governments and each state.
“By the end of the summer, we will achieve real-time nationwide connectivity,”
Ridge said. “These are tools of prevention, tools designed to stop an
attack before it ever takes place. Achieving this same kind of coordination
throughout the first responder community is one of the greatest challenges facing
our country.”