Let's Be Smarter This Time Around

  • November 01 2002, 1:00am EST

The other day, I received an electronic flyer about a big meeting on security in Washington. The list of people and companies invited was impressive. There were Internet companies, encryption and decryption companies, companies that specialized in electronic break-ins and so forth. In terms of the Internet, Web access and protecting corporate and governmental data, the list included essentially everyone who is anyone. What's wrong with this picture?

Where were the architects and systems integrators? Where were the data warehouse specialists? They were nowhere to be found on the list.

Does anyone seriously think that all the Web and encryption protection in the world would have made the slightest dent in the terrorist activities on September 11? The terrorists of September 11 were not breaking into the Internet. They weren't violating anyone's encryption standards.

Stated differently – all the Web security, all the encryption security and all the internal systems protection in the world would have done no good whatsoever to prevent the events of September 11.

There are (at least) two kinds of security; and these two kinds of security are about as different as they can be from each other. They require completely different technologies and completely different approaches for implementation.

One kind of security can be called "break-in" security (for lack of a better term). Break-in security is the kind of security that prevents someone from entering an electronic place where he/she does not belong. Passwords, encryption and firewalls all provide break-in security. While break-in security prevents people from going places they shouldn't, it does not prevent anyone from taking an action.

The other kind of security can be called surveillance security. In this context, "surveillance" is used in the broadest sense.

Surveillance security systems monitor a variety of things unobtrusively so that the people being monitored do not know they are being monitored. Surveillance is conducted in many ways (e.g., electronic monitoring on the computer network). Other forms of surveillance include audio monitoring (phone taps, underwater listening devices, etc.), visual monitoring (spy satellites, old-fashioned "island watchers") and electronic surveillance (Internet traffic, bank account transfers, etc.), among others.

Surveillance yields a lot of data in many different forms. Once the data is collected, unless there is something that is blatantly amiss, all you have is a big disorganized pile of data. To catch the bad guys, you need to assimilate and integrate the data in a meaningful manner.

Two major obstacles to the task of putting surveillance data together in a meaningful manner are the volume of data that must be assimilated and the task of integrating data.

I think I have heard of this before. This sounds like data warehousing in its early days. Data warehouse teams deal with volumes of data. Hopefully, surveillance security will provide a framework of data that can be used to detect threats and sense terrorist plots before they occur.

Would all the network security in the world have done anything at all to prevent September 11? The answer is an emphatic NO! However, would a surveillance network that was properly constructed, properly integrated and properly analyzed have prevented the tragedy of September 11? With surveillance security that is properly built, properly integrated and properly analyzed, there is at least a chance that the terrorists could have been detected.

Let's not kid ourselves. An Internet and encryption security conference without architects, systems integrators and data warehouse specialists is about as useful as a conference on air travel without pilots. Security is not one-dimensional.

Exactly what data warehouse skills are needed to support surveillance security? Among other skills are database design skills that:

  • Allow for fuzzy logic and partial identification, as well as for precise identification of individuals and events.
  • Allow data from many disparate sources to be gathered and assimilated into a cohesive whole.
  • Allow searching on many criteria all at once or in conjunction with each other.
  • Can deal with very large volumes of data.
  • Can handle data originating on and stored on different storage media.
  • Are aware of the economics of the consequences of design.
  • Are aware of the practices of achieving high performance.
  • Are aware of techniques to connect seemingly otherwise unrelated data.

When you look at this list of necessary skills to build a surveillance network, it is apparent that these skills have only the most remote commonality (if, in fact, any commonality at all) with network security.

Please, let's be smarter this time around.