NDM Article - Security Beat

Sponsors

Security Beat

April 2005

Security Beat

by Joe Pappalardo

Federal Smart ID Cards Come With Disruptions
An effort to strengthen and standardize identification cards will bring headaches to federal agencies, but those in charge of steering the process vow to make it as smooth as possible.

The creation of the ID cards, mandated in August by President George W. Bush via Homeland Security Executive Directive-12, has adhered thus far to its abbreviated timeline, according to Curt Barker, who manages the creation of common requirements for the cards at the National Institute of Standards and Technology.

A process that normally takes two years has been accomplished in six months, he added. The cards will be used by all federal employees and selected contractors. Designed to possess common standards, the IDs will work at the doorways of all federal facilities.

Agencies will be called on to adopt new cards by October. They will be based on standards released in late February. The credentials will feature a microprocessor with identifying data on it, and will employ biometrics to validate that the holders are who they claim to be.

By consolidating purchasing, the government hopes to keep costs down. Each agency must foot the bill for its portion of the work.

Some agencies will be building smart card access control systems from scratch, while others have robust systems in place. It is not clear which organization will have an easier time meeting the standards: agencies building new systems or those asked to reconfigure their existing ones.

The Defense Department built its smart card program years ago, and officials acknowledge this early work paved the way for the government-wide program. “Most of the lessons were learned by the Defense Department,” Spencer said. “There will be pain, but the goal is to manage that pain.”

Mary Dixon, deputy director of the defense manpower data center at the Pentagon, said four million employees in defense agencies, including all services, have cards that nearly match the NIST standards.

“We can’t federate until we trust,” she noted. Still, Dixon said the directive was worth the disruption and cost. “We support the goals of HSPD-12,” she said. “We understand we’ll have to make changes and we’re prepared to do so.”

Report: Hate Tracts Imported to America’s Mosques
Saudi Arabia’s government is disseminating “hate propaganda” in its textbooks and reading materials, and some of that material is flowing into the United States, said a newly released study from a Washington think tank.

The report, conducted by Freedom House, is based on a yearlong investigation of more than 200 tracts that were published or otherwise generated by the government of Saudi Arabia and collected from more than a dozen mosques in the United States.

“While the government of Saudi Arabia claims to be ‘updating’ or reforming its textbooks and study materials within the kingdom, its publications propagating an ideology of hatred remain plentiful in some prominent American mosques and Islamic centers, and continue to be a principal resource available to students of Islam within the United States,” noted the report.

It cites numerous examples of documents that stress when Muslims are in the lands of the unbelievers, they must “behave as if on a mission behind enemy lines.” Either they are there to make money or gather information to be later employed in the jihad against the infidels, or they are there to proselytize. Such radicalism is only present in a subset of Islamic faith, but there’s an emphasis among those radicals to export that belief worldwide, according to the report.

“Within worldwide Sunni Islam, followers of Saudi Arabia’s extremist Wahhabi ideology are a distinct minority, as is evident by the millions of Muslims who have chosen to make America their home and are upstanding, law-abiding citizens and neighbors,” the report said.

But the report concludes that the Saudi government propaganda reflects a “totalitarian ideology of hatred that can incite to violence,” and the fact that it is “being mainstreamed within our borders through the efforts of a foreign government, namely Saudi Arabia, demands our urgent attention.”

Freedom House is a non-partisan group started in the 1940’s to promote democracy. Gov. Bill Richardson, former U.N. representative Jeanne Kirkpatrick, columnist P.J. O’Rourke and former CIA director James Woolsey serve on the organization’s board of directors.

Defense Net Falls Short in Homeland Missions
The Defense Department’s computer network, the Global Information Grid, is not adept at connecting homeland security missions. This shortcoming is leading Pentagon planners to find ways to improve interconnectivity during defensive missions.

“GIG does not serve us as well at Northcom as other combatant commands,” noted Maj. Gen. Dale Meyerrose, director of architecture and integration at U.S. Northern Command headquarters, at a recent industry conference. He added that legal constraints on sharing levels of classified information often leave Northcom at a loss during “home games,” such as security events and threats to the continental United States.

Officials responsible for updating the network foresee a new dynamic in the way information flows, one that may be flexible enough to cater to domestic and foreign military operations.

Given the congressional and executive level mandates on information sharing between the Defense Department and Department of Homeland Security, as well as non-federal players, this gap could effect operations during a terrorist attack or natural disaster. The problem, as usual, is getting the right information to and from people on the frontlines.

“GIG was the Defense Department perspective to address the war fighter’s environment,” said Craig Harber, head of the National Security Agency’s information security group. “Now, when you think of who’s involved, who all the players are at the federal state, local and tribal levels, you see there’s multiple levels of users.”

A balance must be struck between the current “need-to-know” mentality, in which someone must prove they need sensitive information, and “need to share,” in which classified information can sometimes be passed to uncleared clients if a security mission depends on it. Building a network that can handle that nuance—guarding data itself, rather than systems access—is a challenge to the current doctrine, Harber said. “We may have to re-think our value system,” he said. “That has to be part of the access control question.”

One helpful step, he noted, is labeling files to help guide decisions in what information can be released, to whom and under what protective measures. Guarding the information is only one step, and without “policy-based architecture,” any global information grid will be unable to bring vital data to those who need them, Harber said. “It’s not just cryptography anymore,” he noted.

Coast Guard Unveils New Port Security Tech
The Coast Guard has unveiled its first-ever underwater port security system, a network of sensors and divers that are intended to thwart underwater bombers.

The system is designed to protect port infrastructure and vessels from underwater threats, including swimmers, divers, and explosive devices. It relies on a combination of platforms and sensors, including sonar, Coast Guard dive teams, remotely operated vehicles and a variety of methods of stopping underwater intruders.

Coast Guard maritime safety and security teams nationwide will receive the equipment, as well as additional training to include underwater searches and inspections. High profile targets will receive the attention of divers and, in waters too dangerous for divers, piers and hulls will be inspected with remotely piloted vehicles.

New hardware includes a commercially available sound head that detects and tracks potential underwater threats, a Navy processor that classifies underwater contacts, a high-frequency sonar that provides images to positively identify the target as a swimmer or diver and an underwater hailer that allows security team members to communicate warnings and instructions to the unidentified diver.

The system has been in development and testing since November 2002. The Coast Guard’s Research and Development Center in Groton, Conn., worked with the U.S. Navy, University of Texas, University of Washington and the Defense Department’s joint non-lethal weapons directorate.

Hemisphere Anti-Terror Effort Gets Increase
The United States has pledged an additional $1.6 million to strengthen and expand counter-terrorism coordination in the Western Hemisphere, officials announced at a meeting of the Organization of American States.

The message was delivered during a meeting of the Inter-American Committee Against Terrorism in Trinidad. The U.S. pledge represents approximately 80 percent of total hemispheric investments in this counter-terror effort.

Since the terrorist attacks of September 11, 2001, the U.S. has contributed $5 million to the OAS program. Some of the money will also go toward assessing border controls in the Caribbean, and the unstable border area between Brazil, Paraguay and Argentina.

Envoys at the meeting signed a resolution urging member states to update anti-money-laundering legislation by broadening the definition to include terrorist financing. The resolution emphasized the need to create digital passports that are harder to fake and make it easier to track criminals.

Participants debated the potential threats to civilian aircraft posed by shoulder-fired rockets, the complexities in sharing biometric data and the depths of the links between arms and narcotics trafficking in Latin America and Islamic terrorism. U.S. officials claim weapons and drug smuggling sales fuel Islamic militant groups.

The southern border is receiving more attention in the war on terrorism. Acting homeland security secretary Adm. James Loy told a congressional committee that recent information showed al Qaeda has considered using the Southwest border to infiltrate the United States.

“Al Qaeda leaders believe operatives can pay their way into the country through Mexico and also believe illegal entry is more advantageous than legal entry for operational security reasons,” Loy testified.