Article - Issue 15, February/March 2003
Homeland Security and broadband access
Paul A. Turner
A US perspective
The vulnerability of our modern infrastructure to attack and disruption by terrorist organisations has become very apparent in recent years. In this article Paul Turner looks at the threat and the possible solutions and consequences.
Perspective of the future The events of September 11 2001 changed our lives forever. The risk calculus we face in the future will be fundamentally different from what we have experienced in the past.
The debate is now on the ways our information technology infrastructures must evolve in order to support the continuity of business and government in this new context. The initial airborne attack was followed a few weeks later by a different terrorist attack, that of anthrax delivered by that most benign of all vehicles, the US postal service. Several people died; the work of millions was disrupted and the major postal sorting facility that was involved is still closed.
The enduring sense is that of the tremendous vulnerability of the infrastructure of our modern society to the actions of a tiny group of terrorists intent on mayhem. Others will argue, from their specialised perspectives, certain cause, effect and remedy – but as engineers and the builders of our infrastructure, we need to address those aspects that lie within our purview and offer to government and industry any remedies that we believe have practical relevance.
The Homeland Security initiatives that the Government in the US has begun are awesome in scope and mind-numbing in complexity. They point up just how many points of attack there are in a world of accelerating global trade and where large-scale movement of people across national borders often occurs with minimal controls. Compounding the issue for our democratic cultures are the personal privacy and legal protections enshrined in our written and unwritten constitutions and avidly defended.
The importance of identity
One topical example of real importance is the matter of identification cards. In the US and in parts of Europe, the historical associations of a National Identification Card make such an undertaking extremely difficult and yet, without the ability to establish identity quickly, security is seriously compromised.
Driving licences, issued by the state of residence in the US, have assumed the de facto equivalence of a national ID card. Air travel, car rental and indeed many aspects of daily consumer life in the US without a drivering licence or (passport) is somewhere between difficult and impossible. Standardising on a common format for licenses across all the states and incorporating smartcard technology would increase their security value, but put increased importance on the first step in the process: authenticating the identity of the applicant. Birth certificates issued by thousands of counties are notoriously easy to forge.
One approach here is a system that can access public domain databases to check the answer to a series of simple questions to a licence applicant.
‘What was the first car you owned?’ ‘You give your address where you were born as Windsor Avenue, Leyland, Lancs. What was the nearest cross street?’
AMS has developed a decision-support system like this, and in tests with the Department of Transportation in Pennsylvania, it has been highly effective as a first screen device. This is an example of a point solution to a specific problem.
Consider a much more general problem that terrorism poses and potential ways to alleviate some of the most serious consequences.
The airborne attacks of September 11 and the subsequent anthrax attacks were focused on the intense concentrations of people in the buildings which are characteristic of modern cities. These concentrations raise both the attractiveness to the terrorist looking for targets and the magnitude of the post-attack disruption to business and government. The threat to the continuity of government is striking. A dirty nuclear device exploded at the centre of a major capital would rupture the functioning of government for months, independent of any immediate casualties. The situation would be similar for a biological attack.
While it is not possible to stop all attacks with certainty, it is possible to minimise the post-attack disruptive effects. Concentrating knowledge work in city centres has increasingly been recognised for escalating costs to society, but it now needs to be seen as incurring additional risk burdens. If organisations enabled remote working for their critical staff, with the objective of ensuring continuity of operations in the event of major buildings being made uninhabitable, we could greatly reduce our vulnerability.
How to enable geographically remote groups of people to work together effectively is an issue with several dimensions. Telework has a long history, not all of it encouraging. Social isolation, and supervisory misgivings have been two common themes. Yet other examples of geographically dispersed teams working collaboratively together on projects have become commonplace, and the whole offshore outsourcing industry relies on it. So there is a large and growing body of evidence that remote groups can work collaboratively and effectively together. Moreover, we have powerful new collaborative work tools that have been enabled by broadband communications.
Researchers at Tulane University have been pursuing telemedicine applications involving high-quality picture transmission with notable success for several years and remotely controlled surgical procedures have been tested in Europe. Other work also supports the notion that broadband connectivity can radically improve the effectiveness and congeniality of remote work.
This brings us to an obvious conundrum: while there is ample transmission capacity in the backbone networks of many developed countries, the last extensions to the home, needed to support telework, can be problematic. Two years ago, before the dot.com and telecom industry meltdown, this seemed like a short-term problem that would fade away in a few years. Today there is only a dim light at the end of the tunnel. About 12% of people in the US have access to broadband at home, using cable modems or DSL, and in Europe it is lower. Clearly, we do not yet have in place the end-to-end broadband network that is required to support effective large-scale telework and in the ordinary course of business, it will be years before it arrives in a comprehensive sense.
From an industry perspective, it is a classic ‘chicken and egg’ situation. Without a broadband network in place, there is no incentive to develop compelling consumer broadband applications. Without applications, there is no incentive to build one, even if capital were available.
It is interesting to reflect that the narrowband telecom infrastructures in many countries were built with government support. Surely there is a case here for short-term governmental support to prime the broadband pump, in the interests of national security, but with major benefits to the economy overall, since broadband infrastructure is key to revitalising the current sluggish economy. This can be done without government picking technology winners and losers. An implementation plan covering the cost of broadband access for key government staff, with tax relief for private industry for the same purpose, could achieve the objective. There have been some encouraging signals from senior levels in the US Government and Department of Homeland Security that this message has been heard.
There is a compelling historical analogue in the US. During the Eisenhower regime, the US began construction of the Interstate highway system so that missiles could be in constant motion and impossible to target. This ensured the fabled second-strike capability that underpinned the deterrence philosophy of the Cold War. This was a government investment in physical infrastructure for national security. It did, of course, have other broad and far-ranging benefits for the economy.
Here too there are striking parallels, since there are major ancillary benefits to trading electronic for physical infrastructure. As we all know, commuting represents one of the major challenges to our cities economically and in terms of environmental damage. The time taken to plan and execute the improvements to roads and public transportation that projected growth in commuter traffic requires, means that we are in a death spiral. A recent study by Anthony Yezer, an economist at George Washington University, cast some interesting light on the costs involved in adding commuter capacity by road and by light rail. Since there are several projects currently funded and under way in the DC area and the project budgets are a matter of public record, he could readily calculate the actual minimum incremental costs per commuter by road or by rail. His numbers are conservative understatements since many of the real but indirect costs that are hard to quantify were excluded. Nevertheless, they are striking. For a commuter driving 15 miles to work in the DC area, the taxpayer cost was approximately US$3000 per year. For a metro rail commuter, it was US$4000–$7000 per year.
As a society, can we afford to continue rolling the commuter rock up an ever-steeper hill? Or can we begin now to put aggressive leverage on electronic infrastructures in place of the physical variety.
Would it not be wonderfully ironic and fitting if the actions of terrorists, bent on doing terminal damage to the society and economy of the West, had precisely the opposite effect?
Without a broadband network in place, there is no incentive to develop compelling consumer broadband applications.
Paul A. Turner
Executive Vice President and Chief Technology Officer AMS INC.
Paul A. Turner is Executive Vice President and Chief Technology Officer of American Management Systems, Inc. in Fairfax, Virginia, where he directs the technology, research, development and strategy for the company. Previously, Mr Turner was the founder and partner in charge of the PricewaterhouseCoopers Global Technology Centre, a leading resource for the research, development and application of emerging technologies. In this position, Mr Turner focused on developing specialised productivity software tools and monitoring and forecasting developments in information technology. Prior to joining PricewaterhouseCoopers, Mr Turner was Vice President for Research Portfolio Management at the Xerox Palo Alto Research Center where he directed the systems development lab. Mr Turner holds BSc and PhD degrees from the Imperial College of the University of London.