6
Telecommunications
With regard to telecommunications, the committee was asked by the Internal Revenue Service (IRS) to analyze the Tax Processing Systems Architecture to determine whether the planning information system resources are feasible and manageable, and will minimize telecommunications loads and response times. To that end, the committee conducted interviews with the IRS and reviewed the Telecommunications Tactical Plan (TTP).1 The committee also requested information about the Treasury Communications System (TCS), but since that was currently within the government procurement process, the IRS was not able to provide much specific information.
Based on the information provided to it, the committee concludes that
-
Telecommunications loads will necessarily increase over time because of the distributed nature of Tax Systems Modernization (TSM);
-
Telecommunications planning within the IRS needs to be improved, including development of a comprehensive plan for using the TCS to achieve TSM goals; and
-
Detailed response time analysis is needed, including analysis of the delays associated with the security architecture.
Indeed, since the committee’s October 1994 interim report, which highlighted the need for both contingency planning to accommodate TCS schedule slippage and telecommunications response time analysis,2 the most significant change in TSM from a telecommunications perspective appears to have been further slippage of TCS procurement. Security issues concerning the relationship between TCS and TSM applications continue to be unresolved at a detailed level, and surprises may well occur in this area as development activities proceed.
IRS/Department of the Treasury responses to the committee’s questions on telecommunications have been as follows:
-
The Consolidated Data Network (CDN) is currently serving the needs of the IRS and can be extended as long as necessary to effect a transition to the new TCS;3
-
TCS schedule slippages (now cumulatively 3 years) have been unavoidable, as have organizational changes in the TCS Executive Agent and TCS procurement;
-
Detailed response time planning and IRS operational security service requirements will be satisfied by TCS and other mechanisms, as needed. The requirements to which TCS was bid may have been overtaken by the 1994 reorientation of the TSM program, but the TCS program when awarded will (easily) adjust to the new requirements.
-
The TTP of August 1994 lays out, at a general level, current and target telecommunications architectures, site planning needs, and a migration path to the target architecture. It also contains “tool kits” for requirements analysis and acquisition. Telecommunications requirements of applications are usually discussed at a functional level only.
The very general nature of the IRS/Department of the Treasury responses cited above and the level of discussion in the TTP, particularly in light of the committee’s comments in its interim report, have increased the committee’s level of concern about TCS schedule and scope, TSM telecommunications management, response times, and security.
TCS SCHEDULE AND SCOPE
The TCS procurement is a critical part of the infrastructure needed to support TSM systems and applications. The TCS contract will provide many telecommunications services that either are not provided currently by the existing Department of the Treasury CDN contract or are too expensive for wide use. These services will provide a data communications basis for TSM well into the next century.
Unfortunately, the scope of TCS appears to be growing, partially in light of the national information infrastructure (NII) initiative and the reinventing government initiative, to support agencies other than the Department of the Treasury. Since TCS is an essential aspect of the IRS modernization plans, any increase in the scope of TCS impinges on TSM planning. The IRS must be prepared to alter its TSM telecommunications plans if the TCS contract is modified to the extent that it no longer satisfies TSM needs.
TELECOMMUNICATIONS MANAGEMENT
The IRS does not appear to treat telecommunications as a critical aspect of TSM. Most private sector concerns have a department clearly identified and operating at a high level within the information systems organization to handle planning for and operation of
the telecommunications function, and to work with telecommunications providers to minimize costs and improve service. For example, at the Travelers Insurance and the Marriott corporations, such an organization is headed by a vice president reporting to the chief information officer. In the Social Security Administration, a similar function is headed by an assistant commissioner. In contrast, the IRS has not yet defined an organization at a similar level to manage telecommunications issues.4 The lack of an organization in the past is somewhat understandable, but as the IRS modernizes itself into an organization using modern telephone and data communications, solid telecommunications management is needed.
At a minimum, the following telecommunications issues must be addressed by high-level IRS managers, TSM developers, and telecommunications specialists:
-
Development of a comprehensive plan for migrating from CDN to TCS;
-
Analysis of future telecommunications costs for all TSM systems and applications; and
-
Development of a detailed telecommunications model to allow analysis of performance and security issues.
Indeed, several of the TSM projects have individually established their telecommunications requirements and cost estimates, but there does not appear to be a complete, up-to-date set of such information or a comprehensive process for ensuring that the information remains correct.
OVERALL TELECOMMUNICATIONS RESPONSE TIMES
The IRS’s lack of attention to overall telecommunications response time analysis continues to be a concern. Besides the lack of goals for security access times (see below), there do not seem to be agreed-on goals for access time delays through TCS and FTS 2000,5 or agreed-on goals for lost messages and calls or blocking. The TSM architecture addresses neither static delays nor traffic-related delays on the local and wide area networks. The TTP also is largely silent in this area. As discussed in the committee’s interim report,6 with maximum connectivity a terminal might have to transit at least two
local area networks, two bridge/routers, and three “bandwidth management system”7 components to get to a major host processor, and take the same route back to a distant terminal (based on the “Evolutionary Drawings and Implementation Guidelines” section of the TTP with no use of the TCS interdomain backbone). This totals 14 static delay nodes plus transmission delays plus security access delays, before traffic-related delays are even introduced. The committee believes that traffic-related delays will be the determining factor, but this cannot be determined until proper system modeling has taken place.
The committee is concerned that response time goals and a plan to manage those goals have not been formulated yet. Such goals are critical to the overall acceptance of TSM by end users and to provide developers with requirements for their applications. Thus, the committee is also concerned that sufficient priority has not been given to overall network simulation. The experience of major corporations has been that simulation, like infrastructure, needs to be an early part of launching a project having the size and complexity of TSM. Instead, it seems to be an after-the-fact consideration by the IRS. When the network is assembled, the neglect of this approach could turn out to be a substantial problem, requiring compromises that may have a negative impact on desired operational factors. Two members of the committee with experience in establishing system response time simulation groups have both stated that they found a minimum critical mass of 20 to 25 people with mathematical and analytical skills to be needed. The IRS directly, or through the Integrated Support Contract, should take prompt steps to establish and benefit from such a group in advance of major TSM deployment activities.
TELECOMMUNICATIONS CONNECTIVITY VERSUS SECURITY
Both the TCS and the telecommunications planning for TSM reflect a telecommunications architecture of potential universal connectivity. Thus, it is left to the TSM security architecture, and its management approach, to defend taxpayer privacy against all intrusions. Management discipline will also need to extend to such features of the TSM as allowing terminals to have access to TSM platforms via modems. In this scenario, there is an exposure to unauthorized “sniffing” of identification numbers and passwords at each point through which the connection passes in the public switched telephone network. Although the bulk of unauthorized intrusion into IRS files has to date been from internal browsing by IRS employees, increased intrusions from outside the IRS should be expected as a consequence of the expanded connectivity. (See Chapter 5 for more details.)
The existing IRS security architecture poses telecommunications response time issues. An objective target for security access time delay—the time it takes for a user to pass through security “firewalls” to get to the desired data—must be set. Too short a target either will require extra costs in providing for greater security protocol processing speed or may require a protocol that is less secure than is desired. If speed and protocol are fixed, the access time delay may prove to be excessive for adequate operational use.