INFORMATION TECHNOLOGY FOR COUNTERTERRORISM
IMMEDIATE ACTIONS AND FUTURE POSSIBILITIES
John L. Hennessy, David A. Patterson, and Herbert S. Lin, Editors
THE NATIONAL ACADEMIES PRESS
Washington, D.C. www.nap.edu
THE NATIONAL ACADEMIES PRESS
500 Fifth Street, N.W. Washington, DC 20001
NOTICE: This project was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for this final report were chosen for their special competences and with regard for appropriate balance.
The study from which this report is largely derived was supported by private funds from the National Academies. The additional work required to produce this report was supported by core funding from the Computer Science and Telecommunications Board (CSTB). Core support for CSTB in this period was provided by the Air Force Office of Scientific Research, Department of Energy, National Institute of Standards and Technology, National Library of Medicine, National Science Foundation, Office of Naval Research, and the Cisco, Intel, and Microsoft corporations. Sponsors enable but do not influence CSTB’s work. Any opinions, findings, conclusions, or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the organizations or agencies that provide support for CSTB.
International Standard Book Number 0-309-08736-8
Library of Congress Control Number: 2003101593
Copies of this report are available from the
National Academies Press,
500 Fifth Street, N.W., Lockbox 285, Washington, DC 20055; (800) 624-6242 or (202) 334-3313 in the Washington metropolitan area. Internet, http://www.nap.edu.
Additional copies of this report are available in limited quantity from the Computer Science and Telecommunications Board, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001. Call (202) 334-2605 or e-mail the CSTB at cstb@nas.edu.
Copyright 2003 by the National Academy of Sciences. All rights reserved.
Printed in the United States of America
Suggested citation: Computer Science and Telecommunications Board, Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, The National Academies Press, Washington, D.C., 2003.
THE NATIONAL ACADEMIES
Advisers to the Nation on Science, Engineering, and Medicine
The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce M. Alberts is president of the National Academy of Sciences.
The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Wm. A. Wulf is president of the National Academy of Engineering.
The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine.
The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce M. Alberts and Dr. Wm. A. Wulf are chair and vice chair, respectively, of the National Research Council.
COMMITTEE ON THE ROLE OF INFORMATION TECHNOLOGY IN RESPONDING TO TERRORISM
JOHN HENNESSY,
Stanford University,
Chair
DAVID A. PATTERSON,
University of California at Berkeley,
Vice Chair
STEVEN M. BELLOVIN,
AT&T Laboratories
W. EARL BOEBERT,
Sandia National Laboratories
DAVID BORTH,
Motorola Labs
WILLIAM F. BRINKMAN,
Lucent Technologies
(retired)
JOHN M. CIOFFI,
Stanford University
W. BRUCE CROFT,
University of Massachusetts at Amherst
WILLIAM P. CROWELL,
Cylink Inc.
JEFFREY M. JAFFE,
Bell Laboratories, Lucent Technologies
BUTLER W. LAMPSON,
Microsoft Corporation
EDWARD D. LAZOWSKA,
University of Washington
DAVID LIDDLE,
U.S. Venture Partners
TOM M. MITCHELL,
Carnegie Mellon University
DONALD NORMAN,
Northwestern University
JEANNETTE M. WING,
Carnegie Mellon University
Staff
HERBERT S. LIN, Senior Scientist and Study Director
STEVEN WOO, Program Officer
DAVID DRAKE, Senior Project Assistant
COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD 2002-2003
DAVID D. CLARK,
Massachusetts Institute of Technology,
Chair
ERIC BENHAMOU,
3Com Corporation
DAVID BORTH,
Motorola Labs
JOHN M. CIOFFI,
Stanford University
ELAINE COHEN,
University of Utah
W. BRUCE CROFT,
University of Massachusetts at Amherst
THOMAS E. DARCIE,
AT&T Labs Research
JOSEPH FARRELL,
University of California at Berkeley
JOAN FEIGENBAUM,
Yale University
HECTOR GARCIA-MOLINA,
Stanford University
WENDY KELLOGG,
IBM Thomas J. Watson Research Center
BUTLER W. LAMPSON,
Microsoft Corporation
DAVID LIDDLE,
U.S. Venture Partners
TOM M. MITCHELL,
Carnegie Mellon University
DAVID A. PATTERSON,
University of California at Berkeley
HENRY (HANK) PERRITT,
Chicago-Kent College of Law
DANIEL PIKE,
Classic Communications
ERIC SCHMIDT,
Google Inc.
FRED SCHNEIDER,
Cornell University
BURTON SMITH,
Cray Inc.
LEE SPROULL,
New York University
WILLIAM STEAD,
Vanderbilt University
JEANNETTE M. WING,
Carnegie Mellon University
Staff
MARJORY S. BLUMENTHAL, Executive Director
HERBERT S. LIN, Senior Scientist
ALAN S. INOUYE, Senior Program Officer
JON EISENBERG, Senior Program Officer
LYNETTE I. MILLETT, Program Officer
CYNTHIA A. PATTERSON, Program Officer
STEVEN WOO, Dissemination Officer
JANET BRISCOE, Administrative Officer
RENEE HAWKINS, Financial Associate
DAVID PADGHAM, Research Associate
KRISTEN BATCH, Research Associate
PHIL HILLIARD, Research Associate
MARGARET HUYNH, Senior Project Assistant
DAVID DRAKE, Senior Project Assistant
JANICE SABUDA, Senior Project Assistant
JENNIFER BISHOP, Senior Project Assistant
BRANDYE WILLIAMS, Staff Assistant
For more information on CSTB, see its Web site at <http://www.cstb.org>, write to CSTB, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001, call at (202) 334-2605, or e-mail at cstb@nas.edu.
Preface
Immediately following the events of September 11, 2001, the National Academies (including the National Academy of Sciences, the National Academy of Engineering, the Institute of Medicine, and the National Research Council) offered its services to the nation to formulate a scientific and technological response to the challenges posed by emerging terrorist threats that would seek to inflict catastrophic damage on the nation’s people, its infrastructure, or its economy. Specifically, it supported a project that culminated in a report entitled Making the Nation Safer: The Role of Science and Technology in Countering Terrorism (The National Academies Press, Washington, D.C.) that was released on June 25, 2002. That project, chaired by Lewis M. Branscomb and Richard D. Klausner, sought to identify current threats of catastrophic terrorism, understand the most likely vulnerabilities in the face of these threats, and identify highly lever-aged opportunities for contributions from science and technology to counterterrorism in both the near term and the long term.
Taking the material on information technology contained in Making the Nation Safer as a point of departure, the Committee on the Role of Information Technology in Responding to Terrorism, identical to the Panel on Information Technology that advised the Branscomb-Klausner committee, drew on sources, resources, and analysis unavailable to that committee during the preparation of its report. In addition, the present report contains material and elaborations that the Branscomb-Klausner committee did not have time to develop fully for the parent report. Both reports are aimed at spurring research in the science and technology com
munities to counter and respond to terrorist acts such as those experienced on September 11.
In addition to presenting material on information technology (IT), Making the Nation Safer includes chapters on nuclear and radiological threats, human and agricultural health systems, toxic chemicals and explosive materials, energy systems, transportation systems, cities and fixed infrastructure, and the response of people to terrorism. The present report focuses on IT—its role as part of the national infrastructure, suggested areas of research (information and network security, IT for emergency response, and information fusion), and the people and organizational aspects that are critical to the acceptance and use of the proposed solutions. Note that policy is not a primary focus of this report, although policy issues are addressed as needed to provide context for the research programs outlined here.
Information Technology for Counterterrorism draws on many past reports and studies of the Computer Science and Telecommunications Board (CSTB). These CSTB reports include Cybersecurity Today and Tomorrow: Pay Now or Pay Later; Computers at Risk: Safe Computing in the Information Age; Embedded, Everywhere: A Research Agenda for Networked Systems of Embedded Computers; Realizing the Potential of C4I: Fundamental Challenges; Information Technology Research for Crisis Management; and Computing and Communications in the Extreme, among others. Furthermore, the report leverages current CSTB studies on geospatial information, authentication technologies, critical infrastructure protection and the law, and privacy.
The Committee on the Role of Information Technology in Responding to Terrorism included current and past CSTB members as well as other external experts. The 16 committee members (see the appendix for committee and staff biographies) are experts in computer, information, Internet, and network security; computer and systems architecture; computer systems innovation, including interactive systems; national security and intelligence; telecommunications, including wireline and wireless; data mining and information fusion and management; machine learning and artificial intelligence; automated reasoning tools; information-processing technologies; information retrieval; networked, distributed, and high-performance systems; software; and human factors. To meet its charge, the committee met several times over a 2-month period and conducted extensive e-mail dialogue to discuss the report text.
As was the parent report, this focused report was developed quickly, with the intent of informing key decision makers with respect to the role of information technology in the homeland security effort. The treatment of any of the subjects in this report is far from comprehensive or exhaustive—instead, the report highlights those subject aspects that the committee deems critical at this time. Accordingly, the report builds on, and cites
heavily, prior CSTB reports that more substantially address the relevant issues.
The committee wishes to thank the CSTB staff (Herbert Lin as study director, Steven Woo for research support, and D.C. Drake for administrative support) for developing coherent drafts from scraps of e-mail and brief notes from committee meetings.
John L. Hennessy, Chair
David A. Patterson, Vice Chair
Committee on the Role of Information Technology in Responding to Terrorism
Acknowledgment of Reviewers
This report has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council’s (NRC’s) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making the published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their participation in the review of this report:
Edward Balkovich, The RAND Corporation,
Richard Baseil, The MITRE Corporation,
Jules A. Bellisio, Telcordia,
Tom Berson, Anagram Laboratories,
James Gray, Microsoft,
Daniel Huttenlocher, Cornell University,
Richard Kemmerer, University of California at Santa Barbara,
Keith Marill, New York University Bellevue Hospital Center,
William Press, Los Alamos National Laboratory,
Fred Schneider, Cornell University, and
Edward Wenk, University of Washington.
Although the reviewers listed above provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by R. Stephen Berry of the University of Chicago. Appointed by the NRC’s Report Review Committee, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the Computer Science and Telecommunications Board and the National Research Council.