In its July 2007 Report for Congress, Fusion Centers: Issues and Options for Congress (pdf), the Congressional Research Service (CRS) finds that many states lack a state-wide intelligence system with access to databases within their own jurisdiction. Such systems are expensive and potentially problematic in getting all agencies with homeland security-related missions to adopt a particular system. The report cites one of the more advanced Fusion centers which reported having access to only 30% of law enforcement data in the state.
These findings lead to other questions. If fusion centers aren't operating intelligence systems and lack access to state/local homeland security information, what information are they processing and how? What technology capabilities should fusion centers possess to meet processing needs of national, state and local level intelligence? Do technology solutions exist that meet these needs and are broadly adoptable and cost effective?
As a matter of fact, we don't need to look far for answers. One of the most dynamic areas of technology today, Enterprise 2.0 (E2.0), is about collecting and making knowledge available to online communities. According to Wikipedia: "Where Enterprise 1.0 focused on a few individuals compiling business knowledge and distributing it to others such as through email, Enterprise 2.0 seeks to centralize business knowledge in a community database and allow each worker to view and source change that content in a highly collaborative and participatory process."
Contents |
This paper outlines a practical, cost-effective fusion center technology strategy that couples best-of-breed commercial and free open source systems. This strategy emerges from lessons learned and knowledge gained from interviews at a number of fusion centers combined with successful implementation of Enterprise 2.0 systems.
You may have heard the expression: "get the right information, to the right people, at the right time". However, you may not know that it continues: "...with the right level of detail, in the right medium". This information society "bill of rights" expresses goals for what might be considered second generation fusion center intelligence management.
Second generation fusion centers use technology to improve fidelity, accelerate flow, increase capacity and enhance access to intelligence content. They are capable of servicing intelligence needs of both law enforcement and non-law enforcement community members. They don't simply broadcast intelligence messages, but provide mechanisms for collaborative online exchange and real-time input and notification. Second generation fusion centers synthesize and route intelligence putting recipients in the position to respond appropriately.
What follows are functional statements of fusion center needs in three areas: collecting, synthesizing and structuring intelligence content. Each is accompanied by technology solution component suited for the particular need and complementary with the others.
Intelligence fusion starts with identifying and tapping appropriate content sources. Each center's planning process and resulting Priority Intelligence Requirements (PIRs) determines which information categories are useful. However, one can be confident that digital information will be accessed from diverse source systems. Typical sources include:
Fusion technology must support operations that gather, organize, synthesize and disseminate this content along relevant dimensions: activity, event, location, date/time, people, organization and so on. This includes analysis processes that determine and link facts and uncover patterns, exceptions and anomalies.
Direct connects, EAI, data warehouses and other traditional IT approaches are too inflexible, time-consuming and expensive for fusion center purposes. Moreover, these approaches do little with unstructured free text, which makes up the bulk of fusion content. However, an E2.0 technology is readily available that efficiently organizes and provides access to digital content in many forms, from many sources: Enterprise Search.
Search engines routinely traverse vast networks, scanning databases, indexing and retrieving content from network accessible resources of all types. Search software organizes massive quantities of information and typically responds to search requests within a second or less. Google, Yahoo and MSN are Internet examples. Systems geared toward enterprise needs, like the FAST Search product, go beyond basic search indexing to provide advanced context-based entity extraction, notification/alerts, and analytical and information visualization capabilities that rival business intelligence systems. When it comes to rapid information collection from diverse network sources, no other technology comes close to Enterprise Search at meeting fusion center needs.
All fusion centers, full service and limited operation centers alike, need to process and record local fusion content. However, as the CRS report notes, few of the nearly 40 fusion centers have an operational intelligence database. Typically, intelligence is recorded using Microsoft office documents and periodically distributed via email.
This document-centric, single delivery method poses a number of problems. First, it fragments bits of intelligence into separate documents making it difficult to piece together related material that doesn't arrive at the same time. Second, later recovery relies upon memories of analysts who touched the information. Third, source files are frequently stored on difficult-to-access local PC disks limiting opportunities for information sharing (even to the point of effectively losing it if the author leaves the organization). Forth, this "one size fits all" approach indiscriminately broadcasts information to all communities of interest, regardless of relevance or appropriate level of detail, exacerbating problems of circular reporting and information overload.
An intelligence database overcomes these limitations, providing an easy-to-use, shared environment for local centers to record and access facts about persons of interest, relationships, places, events, activities and discoveries and disseminate this around the fusion community. A second E2.0 technology is available that's well-suited to quickly, easily and inexpensively establish an intelligence database system. Known as "wiki" (a Hawaiian term that means "rapid"), these systems offer a robust environment for groups to collaboratively manage intelligence information. In fact, wiki technology, specifically the open source Mediawiki system, powers the popular Wikipedia on the Internet and the US intelligence community's Intelipedia knowledge base.
A wiki provides easy to use tools for non-technical users to enter, edit, link and share information content on web pages using a browser. It affords the fusion community maximum appropriate information access through a variety of forms, including: web browser, email, RSS feeds and other media. Wiki's invoke the community brain effect, where many people collectively pursue an objective, applying experience and knowledge that regularly produces results superior to that of an individual.
Wiki provides more information granularity than the above mentioned document-centric approach. Wiki's organize content by subjects that may be aggregated and linked into a broader case files, reports, etc. For example, a suspicious activity report may involve a suspect, witness, location, time and activity. Using wiki, each of these becomes a separate intelligence element that analysts assemble into a report. These elements may also be analyzed and subsequently linked in other ways. For example, additional information may become available on the same suspect, the location may be the target of another threat, or the same witness may report more than one suspicious activity. Used in this way, wiki is not only an effective tool for capturing and sharing collective fusion center knowledge, it aids in discovery of previously undetected patterns and anomalies.
Importantly, wiki doesn't require import of all content into its local database. It provides simple methods to link and reference information at external sites. The fusion center network and broader Internet effectively become the intelligence database, vastly amplifying fusion centers' intelligence management capabilities. As the next section explains, wiki also provides a semantic web information modeling capability that makes the system a uniquely superior intelligence database solution.
A consistent, uniform vocabulary is central to successful fusion center intelligence management. When integrating information from diverse sources, you will encounter situations where different terms are used for the same meaning (e.g.; "homicide" and "killing") and the same term is used but with different meaning (e.g.; "dog:bark" and "tree:bark"). Defining and mapping information to a controlled, common (or canonical) vocabulary increases intelligence fidelity. Not only does it lead to better human understanding, it enables machine interpretation for purposes such as automated priority ranking, novelty detection and content linking.
Vocabulary definition is currently an area of significant activity on a national level. Two federal standards applicable to fusion centers are the Global Justice XML Data Model (GJXDM) and National Information Exchange Model (NIEM). At this writing, the so-called "harmony release", merging GJXDM with NIEM, is in final draft form. Moreover, organizations are extending NIEM, creating detailed vocabularies for a number of topics, including: suspicious activity/incident reports, Amber alerts, field interviews, terrorist watch lists and many others. The IEPD (Information Exchange Package Documentation) Clearing House is an exchange set up by the Department of Justice for publishing and sharing vocabularies.
An essential component of second generation fusion is using semantic web structure for modeling information. The semantic web is an extension of the current World Wide Web that expresses content in more human readable form. It provides a framework for combining information drawn from different sources making it easier for computer systems to interpret and share information across application, enterprise and community boundaries. The World Wide Web Consortium (W3C) open standards organization stewards formal specifications for the semantic web.
Semantic MediaWiki (SMW) is an open source extension to the Mediawiki system that enables semantic web intelligence processing capabilities within the wiki. Using SWM users can embed structured data along with free text in wiki articles. This structured data may be searched, browsed, calculated and linked in ways comparable to database tables. However, unlike structured databases, the adaptable semantic web approach is friendly to the emergent needs of fusion centers. Addition and changes to structured information is quickly and easily performed by users, without need for software developers and code change.
For example, information about confidential informants may include structured content: name, date of birth, sex, height, weight, tattoos/identifying marks, telephone and address. The informant's free text information may include information about alleged illegal activities, people, locations and so on. Using semantic web, the wiki can automatically surface correlations between subjects, revealing previously undetected associations and patterns.
From technical standpoint, setting up a fusion center common vocabulary framework involves selecting and extending standard vocabularies (NIEM, etc), mapping these to semantic web form, and configuring schema for the search engine, wiki intelligence database and other fusion center systems. Dictionaries, thesauri and transformations definitions are also created to map incoming content into fusion center systems and exchange with others.
Fusion centers are under scrutiny for under utilizing state and local intelligence resources. To correct this deficiency, second generation fusion centers will put technology to better use: collecting, synthesizing, evaluating and disseminating useful, trustworthy intelligence to law enforcement decision makers. This article articulates a strategy combining best-of-breed, proven commercial and open source technologies that rapidly and inexpensively enhance information access and management.