Counterterrorism:Immediate Actions and Future Possibilities

INFORMATION TECHNOLOGY FOR COUNTERTERRORISM

IMMEDIATE ACTIONS AND FUTURE POSSIBILITIES

Committee on the Role of Information Technology in Responding to Terrorism

Computer Science and Telecommunications Board

NATIONAL RESEARCH COUNCIL OF THE NATIONAL ACADEMIES

John L. Hennessy, David A. Patterson, and Herbert S. Lin, Editors

THE NATIONAL ACADEMIES PRESS
Washington, D.C. www.nap.edu



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page R1
Information Technology for Counterterrorism:Immediate Actions and Future Possibilities INFORMATION TECHNOLOGY FOR COUNTERTERRORISM IMMEDIATE ACTIONS AND FUTURE POSSIBILITIES Committee on the Role of Information Technology in Responding to Terrorism Computer Science and Telecommunications Board NATIONAL RESEARCH COUNCIL OF THE NATIONAL ACADEMIES John L. Hennessy, David A. Patterson, and Herbert S. Lin, Editors THE NATIONAL ACADEMIES PRESS Washington, D.C. www.nap.edu

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities THE NATIONAL ACADEMIES PRESS 500 Fifth Street, N.W. Washington, DC 20001 NOTICE: This project was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for this final report were chosen for their special competences and with regard for appropriate balance. The study from which this report is largely derived was supported by private funds from the National Academies. The additional work required to produce this report was supported by core funding from the Computer Science and Telecommunications Board (CSTB). Core support for CSTB in this period was provided by the Air Force Office of Scientific Research, Department of Energy, National Institute of Standards and Technology, National Library of Medicine, National Science Foundation, Office of Naval Research, and the Cisco, Intel, and Microsoft corporations. Sponsors enable but do not influence CSTB’s work. Any opinions, findings, conclusions, or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the organizations or agencies that provide support for CSTB. International Standard Book Number 0-309-08736-8 Library of Congress Control Number: 2003101593 Copies of this report are available from the National Academies Press, 500 Fifth Street, N.W., Lockbox 285, Washington, DC 20055; (800) 624-6242 or (202) 334-3313 in the Washington metropolitan area. Internet, http://www.nap.edu. Additional copies of this report are available in limited quantity from the Computer Science and Telecommunications Board, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001. Call (202) 334-2605 or e-mail the CSTB at cstb@nas.edu. Copyright 2003 by the National Academy of Sciences. All rights reserved. Printed in the United States of America Suggested citation: Computer Science and Telecommunications Board, Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, The National Academies Press, Washington, D.C., 2003.

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities THE NATIONAL ACADEMIES Advisers to the Nation on Science, Engineering, and Medicine The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce M. Alberts is president of the National Academy of Sciences. The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Wm. A. Wulf is president of the National Academy of Engineering. The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine. The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce M. Alberts and Dr. Wm. A. Wulf are chair and vice chair, respectively, of the National Research Council. www.national-academies.org

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities COMMITTEE ON THE ROLE OF INFORMATION TECHNOLOGY IN RESPONDING TO TERRORISM JOHN HENNESSY, Stanford University, Chair DAVID A. PATTERSON, University of California at Berkeley, Vice Chair STEVEN M. BELLOVIN, AT&T Laboratories W. EARL BOEBERT, Sandia National Laboratories DAVID BORTH, Motorola Labs WILLIAM F. BRINKMAN, Lucent Technologies (retired) JOHN M. CIOFFI, Stanford University W. BRUCE CROFT, University of Massachusetts at Amherst WILLIAM P. CROWELL, Cylink Inc. JEFFREY M. JAFFE, Bell Laboratories, Lucent Technologies BUTLER W. LAMPSON, Microsoft Corporation EDWARD D. LAZOWSKA, University of Washington DAVID LIDDLE, U.S. Venture Partners TOM M. MITCHELL, Carnegie Mellon University DONALD NORMAN, Northwestern University JEANNETTE M. WING, Carnegie Mellon University Staff HERBERT S. LIN, Senior Scientist and Study Director STEVEN WOO, Program Officer DAVID DRAKE, Senior Project Assistant

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD 2002-2003 DAVID D. CLARK, Massachusetts Institute of Technology, Chair ERIC BENHAMOU, 3Com Corporation DAVID BORTH, Motorola Labs JOHN M. CIOFFI, Stanford University ELAINE COHEN, University of Utah W. BRUCE CROFT, University of Massachusetts at Amherst THOMAS E. DARCIE, AT&T Labs Research JOSEPH FARRELL, University of California at Berkeley JOAN FEIGENBAUM, Yale University HECTOR GARCIA-MOLINA, Stanford University WENDY KELLOGG, IBM Thomas J. Watson Research Center BUTLER W. LAMPSON, Microsoft Corporation DAVID LIDDLE, U.S. Venture Partners TOM M. MITCHELL, Carnegie Mellon University DAVID A. PATTERSON, University of California at Berkeley HENRY (HANK) PERRITT, Chicago-Kent College of Law DANIEL PIKE, Classic Communications ERIC SCHMIDT, Google Inc. FRED SCHNEIDER, Cornell University BURTON SMITH, Cray Inc. LEE SPROULL, New York University WILLIAM STEAD, Vanderbilt University JEANNETTE M. WING, Carnegie Mellon University Staff MARJORY S. BLUMENTHAL, Executive Director HERBERT S. LIN, Senior Scientist ALAN S. INOUYE, Senior Program Officer JON EISENBERG, Senior Program Officer LYNETTE I. MILLETT, Program Officer CYNTHIA A. PATTERSON, Program Officer STEVEN WOO, Dissemination Officer JANET BRISCOE, Administrative Officer RENEE HAWKINS, Financial Associate DAVID PADGHAM, Research Associate KRISTEN BATCH, Research Associate PHIL HILLIARD, Research Associate MARGARET HUYNH, Senior Project Assistant

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities DAVID DRAKE, Senior Project Assistant JANICE SABUDA, Senior Project Assistant JENNIFER BISHOP, Senior Project Assistant BRANDYE WILLIAMS, Staff Assistant For more information on CSTB, see its Web site at <http://www.cstb.org>, write to CSTB, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001, call at (202) 334-2605, or e-mail at cstb@nas.edu.

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities Preface Immediately following the events of September 11, 2001, the National Academies (including the National Academy of Sciences, the National Academy of Engineering, the Institute of Medicine, and the National Research Council) offered its services to the nation to formulate a scientific and technological response to the challenges posed by emerging terrorist threats that would seek to inflict catastrophic damage on the nation’s people, its infrastructure, or its economy. Specifically, it supported a project that culminated in a report entitled Making the Nation Safer: The Role of Science and Technology in Countering Terrorism (The National Academies Press, Washington, D.C.) that was released on June 25, 2002. That project, chaired by Lewis M. Branscomb and Richard D. Klausner, sought to identify current threats of catastrophic terrorism, understand the most likely vulnerabilities in the face of these threats, and identify highly lever-aged opportunities for contributions from science and technology to counterterrorism in both the near term and the long term. Taking the material on information technology contained in Making the Nation Safer as a point of departure, the Committee on the Role of Information Technology in Responding to Terrorism, identical to the Panel on Information Technology that advised the Branscomb-Klausner committee, drew on sources, resources, and analysis unavailable to that committee during the preparation of its report. In addition, the present report contains material and elaborations that the Branscomb-Klausner committee did not have time to develop fully for the parent report. Both reports are aimed at spurring research in the science and technology com

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities munities to counter and respond to terrorist acts such as those experienced on September 11. In addition to presenting material on information technology (IT), Making the Nation Safer includes chapters on nuclear and radiological threats, human and agricultural health systems, toxic chemicals and explosive materials, energy systems, transportation systems, cities and fixed infrastructure, and the response of people to terrorism. The present report focuses on IT—its role as part of the national infrastructure, suggested areas of research (information and network security, IT for emergency response, and information fusion), and the people and organizational aspects that are critical to the acceptance and use of the proposed solutions. Note that policy is not a primary focus of this report, although policy issues are addressed as needed to provide context for the research programs outlined here. Information Technology for Counterterrorism draws on many past reports and studies of the Computer Science and Telecommunications Board (CSTB). These CSTB reports include Cybersecurity Today and Tomorrow: Pay Now or Pay Later; Computers at Risk: Safe Computing in the Information Age; Embedded, Everywhere: A Research Agenda for Networked Systems of Embedded Computers; Realizing the Potential of C4I: Fundamental Challenges; Information Technology Research for Crisis Management; and Computing and Communications in the Extreme, among others. Furthermore, the report leverages current CSTB studies on geospatial information, authentication technologies, critical infrastructure protection and the law, and privacy. The Committee on the Role of Information Technology in Responding to Terrorism included current and past CSTB members as well as other external experts. The 16 committee members (see the appendix for committee and staff biographies) are experts in computer, information, Internet, and network security; computer and systems architecture; computer systems innovation, including interactive systems; national security and intelligence; telecommunications, including wireline and wireless; data mining and information fusion and management; machine learning and artificial intelligence; automated reasoning tools; information-processing technologies; information retrieval; networked, distributed, and high-performance systems; software; and human factors. To meet its charge, the committee met several times over a 2-month period and conducted extensive e-mail dialogue to discuss the report text. As was the parent report, this focused report was developed quickly, with the intent of informing key decision makers with respect to the role of information technology in the homeland security effort. The treatment of any of the subjects in this report is far from comprehensive or exhaustive—instead, the report highlights those subject aspects that the committee deems critical at this time. Accordingly, the report builds on, and cites

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities heavily, prior CSTB reports that more substantially address the relevant issues. The committee wishes to thank the CSTB staff (Herbert Lin as study director, Steven Woo for research support, and D.C. Drake for administrative support) for developing coherent drafts from scraps of e-mail and brief notes from committee meetings. John L. Hennessy, Chair David A. Patterson, Vice Chair Committee on the Role of Information Technology in Responding to Terrorism

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities This page in the original is blank.

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities Acknowledgment of Reviewers This report has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council’s (NRC’s) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making the published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their participation in the review of this report: Edward Balkovich, The RAND Corporation, Richard Baseil, The MITRE Corporation, Jules A. Bellisio, Telcordia, Tom Berson, Anagram Laboratories, James Gray, Microsoft, Daniel Huttenlocher, Cornell University, Richard Kemmerer, University of California at Santa Barbara, Keith Marill, New York University Bellevue Hospital Center, William Press, Los Alamos National Laboratory, Fred Schneider, Cornell University, and Edward Wenk, University of Washington.

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities Although the reviewers listed above provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by R. Stephen Berry of the University of Chicago. Appointed by the NRC’s Report Review Committee, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the Computer Science and Telecommunications Board and the National Research Council.

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities Contents     EXECUTIVE SUMMARY   1 1   BACKGROUND AND INTRODUCTION   10     1.1 What Is Terrorism?,   10     1.2 The Role of Information Technology in National Life and in Counterterrorism,   11     1.3 The Information Technology Infrastructure and Associated Risks,   12 2   TYPES OF THREATS ASSOCIATED WITH INFORMATION TECHNOLOGY INFRASTRUCTURE   15     2.1 Attack on IT as an Amplifier of a Physical Attack,   15     2.2 Other Possibilities for Attack Involving IT,   16     2.2.1 Attacks on the Internet,   16     2.2.2 Attacks on the Public Switched Network,   18     2.2.3 The Financial System,   20     2.2.4 Embedded/Real-Time Computing,   20     2.2.5 Control Systems in the National Critical Infrastructure,   21     2.2.6 Dedicated Computing Facilities,   23     2.3 Disproportionate Impacts,   23     2.4 Threats in Perspective: Possibility, Likelihood, and Impact,   24

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities 3   INVESTING IN INFORMATION TECHNOLOGY RESEARCH   28     3.1 Information and Network Security,   31     3.1.1 Authentication,   33     3.1.2 Detection,   35     3.1.3 Containment,   37     3.1.4 Recovery,   40     3.1.5 Cross-cutting Issues in Information and Network Security Research,   41     3.2 Systems for Emergency Response,   46     3.2.1 Intra- and Interoperability,   47     3.2.2 Emergency Deployment of Communications Capacity,   55     3.2.3 Security of Rapidly Deployed Ad Hoc Networks,   57     3.2.4 Information-Management and Decision-Support Tools,   58     3.2.5 Communications with the Public During an Emergency,   59     3.2.6 Emergency Sensor Deployment,   60     3.2.7 Precise Location Identification,   61     3.2.8 Mapping the Physical Aspects of the Telecommunications Infrastructure,   62     3.2.9 Characterizing the Functionality of Regional Networks for Emergency Responders,   62     3.3 Information Fusion,   63     3.3.1 Data Mining,   68     3.3.2 Data Interoperability,   69     3.3.3 Natural Language Technologies,   69     3.3.4 Image and Video Processing,   70     3.3.5 Evidence Combination,   70     3.3.6 Interaction and Visualization,   71     3.4 Privacy and Confidentiality,   71     3.5 Other Important Technology Areas,   75     3.5.1 Robotics,   75     3.5.2 Sensors,   76     3.5.3 Simulation and Modeling,   78     3.6 People and Organizations,   80     3.6.1 Principles of Human-Centered Design,   81     3.6.2 Organizational Practices in IT-Enabled Companies and Agencies,   89     3.6.3 Dealing with Organizational Resistance to Interagency Cooperation,   91

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities     3.6.4 Principles into Practice,   93     3.6.5 Implications for Research,   95 4   WHAT CAN BE DONE NOW?   97 5   RATIONALIZING THE FUTURE RESEARCH AGENDA   106     APPENDIX: BIOGRAPHIES OF COMMITTEE AND STAFF MEMBERS   115     WHAT IS CSTB?   127

OCR for page R1
Information Technology for Counterterrorism: Immediate Actions and Future Possibilities This page in the original is blank.