Several technology companies will build a system to let the U.S. government share data securely among its various agencies, a goal it has struggled to achieve since the September 2001 terrorist attacks.
The aim of the Secure Information Sharing Infrastructure (SISA) project is to create a system that allows data to be shared between the agencies, but in a way that ensures only the people who are authorized to access data are able to do so.
Cisco Systems Inc., Microsoft Corp. and EMC Corp. will provide commercial, off-the-shelf products, with smaller vendors contributing specific technologies. Cisco will focus on secure networks and data protection, Microsoft on identity management and OSes, and EMC on storage.
Also participating are Liquid Machines Inc. on content protection, Swan Island Networks Inc. on information-sharing architectures and Titus Labs on information labeling and classification. The business alliance between the companies will be managed by Addx Corp.
The companies didn't provide a timetable or cost for the system, and government representatives weren't available early Tuesday.
A report released in 2004 by the 9/11 Commission, which investigated the terrorist attacks, found that U.S. intelligence agencies had cumbersome information-sharing practices that hampered their ability to counter terrorism.
The vendors' Web site gave scenarios of how the SISA system might be used. In one, a law enforcement agency raids an apartment and finds documents and financial ledgers in a foreign language. The material could be posted on an information-sharing site to be viewed by an investigator in another country.
The companies also gave a general view of how a person would be authenticated and access information from the network. A SISA administrator at a command center will access a user's profile in Microsoft's Active Directory, then establish a VPN (virtual private network) to let the user access the files they are permitted to view. Cisco Security Agent governs the user's access to specific resources, such as write capabilities or a USB device, and the contents of e-mails and documents are protected with Liquid Machines and Microsoft's Rights Management Services (RMS).